Ransomware: Manufacturing Industry Pays The Highest Ransoms

On average, the ransoms paid are just over $2 million. Regardless of industry, only 8 percent of all the participants in the study pay amounts greater than $1 million.

Industrial companies with their own manufacturing operations pay the highest ransoms in ransomware attacks. This is the result of a study by Sophos. It found that such attacks cause the highest damage in the manufacturing sector.

For the study, Sophos evaluated ransom payments to cyber extortionists. In the manufacturing sector, an average of $2,036,189 was paid for the transfer of keys to decrypt files and servers. This is more than double the average ransom paid by all victims surveyed, which was $812,360.

Manufacturing plants are a popular target for cyber extortionists because prolonged production downtime usually results in very high costs. In addition, many plants are part of a supply chain, so production disruptions would have an impact on other companies as well. Sophos also noted that the production sector often uses old computer and industrial systems. It is often difficult to apply patches to these systems, if patches are available at all, the company said.

“The manufacturing industry is an attractive target for cybercriminals due to its privileged position in the supply chain. Outdated infrastructures and lack of visibility into the operational technology (OT) environment provide attackers with easy access and a launching pad for attacks on a compromised network,” said John Shier, senior security advisor at Sophos. “The convergence of IT and OT increases the attack surface and exacerbates an already complex threat environment.”

However, the study also shows that ransomware payments of more than $1 million tend to be the exception. Of all survey participants who agreed to their extortionists’ demands, 37 percent paid more than $100,000. Only 8 percent spent more than a million dollars for a decryption key.

Sophos also points out that paying a ransom is not always the fastest way to recover one’s data after a cyber extortion attack. In the manufacturing industry, only 59 percent of all data was recovered after a payment, according to the study; across all industries, the average is 61 percent.