Why the manufacturing industry is being targeted by ransomware

Why the manufacturing industry is being targeted by ransomware


A growing threat

Ransomware attacks continue to invade the small-medium business sector and are on the rise.

The number of incidents involving ransomware reported to Beazley Breach Response (BBR) Services in the first quarter of 2020 increased by 25% compared to Q4 of 2019.

What’s most shocking is that the manufacturing industry experienced the steepest increase of all with their numbers being up 156% quarter on quarter.

In 2019, the manufacturing industry spent more than any other sector on ransomware payouts, paying a total of $6.9m.

This represents 62% of the total $11m of ransoms that were paid out to cyber criminals throughout 2019, despite manufacturing only making up 18% of the cases.


Why is the manufacturing industry being so heavily targeted?

There are two major reasons the manufacturing industry is being targeted so heavily.



Timing is everything in the world of manufacturing. Organizations are constantly improving their systems to shave off split seconds to increase their productivity and increase their profits.

If systems are down for even an hour, it can cost an organization hundreds of thousands of dollars.

This is the precise reason why cybercriminals are targeting the manufacturing sector.

They know that they will pay the ransoms so they can get back up and running again as soon as possible and the numbers in the opening paragraph showcase this.

Two notable manufacturers suffered losses in the tens of millions of dollars in 2019 alone due to downtime.

Pilz, a German manufacturer of automation safety machines was down for over a week due to a Ransomware attack, costing the company an estimated minimum of $10m in damages.

Norsk Hydro, the world’s number one aluminum producer was also a victim of a Ransomware attack that cost the company $40m.


Intellectual Property

The manufacturing industry is ripe with intellectual property.

This can range from chemical formulas, recipes, blueprints, and schematics.

Many companies rely on their original ideas to gain a competitive edge over their competition.

The theft of intellectual property used to be massive elaborate espionage plans that could sometimes take years to execute.

Now it can be done remotely in the form of a cyberattack.

According to the 2017 Data Breach Investigations report, Manufacturing was the #1 industry targeted by cyberespionage.

With Ransomware attacks rising, it is not doubt that cyber criminals will use the same “ransom” tactic with organizations intellectual property.

Why is the manufacturing industry vulnerable to such attacks?

The manufacturing industries history of not working with the latest and greatest IT infrastructure is playing into the hands of these cybercriminals.

Legacy systems are especially vulnerable to cyber threats.

The industry is moving along with the rest of the world by going digital and putting their systems on computers, however, the majority are not implementing the necessary security measures.

In addition to that, the complexity of the manufacturing supply chain, with it’s connected web to suppliers, production lines, logistics and multinational sites also increase the risk.

With so many moving parts, it’s easy for something to slip by and infect the organizations IT infrastructure. This is known as Third Party Vendor Risk.


What can the manufacturing do to prevent these attacks?

Organizations need to implement an up to date, tested disaster recovery program with regularly tested backups to defend against ransomware.

If organizations don’t have an internal IT team capable of doing so, they can use a third party firm that offers Disaster Recovery as a Service or DRaaS.

To learn more about Disaster Recovery, click here.