Why Ransomware Is a Major Threat to Manufacturing

Cybercriminals are drawn to the most vulnerable and profitable sectors.

Image Source Pixabay

The manufacturing industry has overwhelmingly embraced automation and digitization, capitalizing on the improved efficiency in controlling and monitoring operations. However, the efficiency comes with a catch: a higher risk of cyberattack from modern malware technology.

Ransomware is one of the most common forms of malware. It allows hackers to access and cripple computer systems. Then, they keep these systems down till the affected parties pay a ransom. Some hackers may opt not to disable the systems, but encrypt the data, making it inaccessible to the user.

In 2020 ransomware attacks against individuals reduced, but attacks against businesses increased because they're more profitable and a company is more likely to pay. The ransom per attack rose from around $100,000 to over $300,000.

Cybercriminals are drawn to the most vulnerable and profitable sectors, which is probably why in 2020 the manufacturing sector received 17 percent of the attacks on businesses and organizations. A digitized manufacturing plant usually interconnects IT systems, providing hackers with access to monitoring systems, designs, intellectual property and procurement data with one or few attacks. There are three main reasons why these facilities are a gold mine for hackers.

1. A Higher Probability of Getting Paid: Access to all these systems and data is great leverage to push the company to pay a ransom, and downtime resulting from such an attack can cause extensive damage.

2. High-Value Data: A ransomware attack involves denying the user control of their systems. But modern hackers sometimes incorporate data-extraction malware as well. So, suppose they get sensitive data such as intellectual property. In that case, the hackers can extort more money from the manufacturer, or sell it to competitors.

3. Extorting Third Parties: Sometimes, the extracted data is about third parties, like suppliers, clients and partners. The hackers can use the data to demand a ransom from those entities as well. Check Point calls this tactic, which became popular in 2020, Triple Extortion Ransomware. 

How to Protect Against an Attack

A successful ransomware attack is every manufacturer’s nightmare. Fortunately, there are steps organizations can take to protect their systems.

1. Update software regularly: Outdated software and operating systems have lower security levels. Thus, they’re more vulnerable to cyberattacks. Also, install patches regularly, as this will help the manufacturer to counter the sophisticated technologies hackers use.

2. Train employees:  Employees should understand the company’s security systems and know what they can do to protect the organization. Hackers often penetrate systems through phishing. An employee who understands information security would be less likely to fall for it.

3. Intrusion Detection and Prevention Systems: IDS identify malware that has infiltrated the IT network, removing them before they cause damage. Intrusion prevention systems (IPS) are proactive. They stop the malware from even accessing the system. An IPS identifies suspicious programs that could be ransomware and blocks them. It can also block a suspicious user’s IP. Both systems alert the information security team whenever they detect a threat.

4. Use backup systems: Backup systems and data help companies resume operations as soon as possible. Manufacturers should keep both online and offline backups, updating and testing them regularly. 

Should Victims Pay?

The ransom amount demanded by hackers is usually painful. But it’s usually a small fraction of the value of damage that the company would face if it does not restore systems. So, without a means to regain control of the systems, many company executives opt to pay.

Paying is not illegal, but is it ethical? Some critics argue that paying encourages the hackers to continue attacking other victims. Manufacturers in the healthcare and energy production sectors are too sensitive. They cannot allow their operations to stay down for long. As a result, such companies almost always pay. 

The threat of ransomware and other cyberattacks will keep growing as manufacturers continue to digitize, automate, and integrate their systems, which means you must take precautions and keep upgrading systems.


Sam Meenasian is the Operations Director of USA Business Insurance and BISU Insurance.

More in Cybersecurity