The Long-Term Cost and Commitment of Ransomware Attacks

Cyberattacks in manufacturing have increased — here’s how cyber leaders can deploy defenses today.

Allen Jenkins
Jul 24, 2023
Computer Security And Hacking Concept Ransomware Virus Has Encrypted Data In Laptop Hacker Is Offering Key To Unlock Encrypted Data For Money 684726904 2130x1411 (1)

As 5G device use skyrockets, the internet of things (IoT) expands and manufacturing leaders gain access to new cybersecurity and business-related insights — from information about addressing their optional inefficiencies to innovative penetration testing methods. However, expanded technology use and inter-device communication exposes organizations to additional cybersecurity risks. More endpoints and end-users equates to more entryways for bad actors to exploit. This likely explains why cyberattacks in the manufacturing industry increased by 52 percent between 2020 and 2021.

According to industry research, 99 percent of U.S. organizations have experienced a security incident in the past year. And for ransomware in particular, the aftershocks of these incidents are incredibly costly. Ransomware breaches led to 22 days of interruption on average in 2020. In other words, organizations could not act effectively or productively during this time. For Production — the bedrock of all organizations — these productivity losses are devastating.

Worse is the damage a breach can have on an organization's long-term reputation. Consumers lose more than 67 percent of their trust in organizations breached by ransomware. Plummeting confidence negatively impacts an organization's ability to collect consumers' first-party data and turn a profit.

Recovering from a large-scale ransomware attack is financially burdensome and sometimes even impossible, depending on the degree of proactive measures an organization adopts. Thankfully, the frequency of ransomware attacks and breaches has given rise to robust cyber defenses that manufacturing leaders can deploy today. Here’s how.

Building a Robust Cyber Defense

The only way to prevent an attack — or curtail its impact on business continuity — is to enact a ransomware protection strategy, preferably ASAP. According to IBM, in 2021, organizations operating on a mature zero-trust framework lost about $3.28 million during the average data breach. Organizations without comparable security measures lost over $5 million on average. Similarly, when breached, enterprises with mature AI/automation-based technologies saved nearly four million dollars compared to their competitors.

Measures like zero-trust security are vital because they compensate for the expansion of the IoT and our modern risk landscape. Within a zero-trust framework, the network treats all users and endpoints as a possibly corrupted risk vector or bad actor. Zero-trust systems require robust and frequent user authentication through multi-factor authentication (MFA) and single sign-on (SSO) protocols, regardless of where the user is geographically located.

Zero-trust security is critical in the modern workforce as employees increasingly access their organization's networks remotely. But zero-trust security protocols and a fortified cybersecurity plan require careful implementation and monitoring. For many organizations, this necessitates the presence of a cybersecurity expert — either through an internal position like a Head of Cybersecurity or a third-party vendor (or both).

Moreover, manufacturing leaders should only consult with professionals who have expertise in production cybersecurity, as the industry faces several specific challenges. For example, although the manufacturing sector excels in thwarting data encryption, it lags behind in backup creation. The right partner will guide leaders through the process of correcting industry-specific omissions.

Your Response Strategy

Even organizations with cutting-edge ransomware protection services may eventually get breached. The good news is that leading providers will walk leaders through an efficient response process, including the following vital touchpoints.

  • Take note of the damage and file a report. Once IT technicians know of a breach, they must get to work quickly identifying the ransomware's nature and the damage's extent. This step includes pinpointing all affected devices and categorizing impacted data. Leaders should then work with their legal counsel to determine the scope of legal and regulatory concerns based on the data impacted. This will inform the next appropriate steps to take.
  • Address the ransomware appropriately. Remember, it is never wise to pay a ransom. Instead, leaders should focus on restoring device functionality expeditiously. To start this process, isolate all impacted devices — and be aware that simple tasks like shutting down the device may actually further spread the ransomware. Once all devices are isolated, considerations for any needed investigations or forensics should take precedence before planning for data restorations.
  • Inform stakeholders. Before announcing the breach publicly, leaders should work with legal counsel and develop an appropriate communication strategy which could include gathering top stakeholders — including important customers, board members and investors — to inform them of the damage and its possible ramifications. Otherwise, these individuals may feel mistreated or misled. Involving the legal team in this step is also crucial because certain disclosures may be mandatory by law. Regardless, leaders should be clear and upfront about the damage.
  • Review internal processes and make improvements. Reflecting on a breach is critical. Identify where the ransomware entered and fortify that gap. As part of this step, it's wise to invite outside parties to review security protocols and ensure future ransomware attacks fail.
  • Can my organization recover from a breach? The simple but highly caveated answer is ... yes. Manufacturing organizations that have prepared for a ransomware breach with the right resources, including proactive cybersecurity defense measures, zero-trust procedures and an incident response team, can recover in a comparably short amount of time. However, less-prepared organizations may still recoup. However, they will lose thousands — and potentially even millions — of dollars in the process, either in direct costs like cyber insurance, or via downstream complications like productivity loss and data corruption. This is why a strong offense remains the best defense.

IT leaders at organizations with weaker cyber protections should anticipate an unmitigated or prolonged breach to impact their consumers’ long-term confidence, which negatively impacts revenue goals. But don’t lose hope — today’s lesson learned may be tomorrow’s savior.

Allen Jenkins is the Chief Information Security Officer and VP of Cybersecurity Consulting at InterVision, a leading managed services provider.


Latest in Cybersecurity
Intuitive and Flexible Manufacturing ERP
Sponsored
Intuitive and Flexible Manufacturing ERP
May 1, 2024
Ransomware
Report Identifies Hidden Costs, Challenges of Ransomware
April 25, 2024
Ep90
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Transportation and Logistics Under Siege
April 24, 2024
Related Stories
Cybersecurity
Cybersecurity
ZAG Technical Services Announces New Cybersecurity Offering
I Stock 1251037786
Cybersecurity
What is Volt Typhoon?
This photo provided by the Municipal Water Authority of Aliquippa shows the screen of a Unitronics device that was hacked in Aliquippa, Pa., on Saturday, Nov. 25, 2023. The hacked device was in a pumping booster station owned by the Municipal Water Authority of Aliquippa. An electronic calling card left by the hackers suggests they picked their target because it uses components made by an Israeli company.
Cybersecurity
Congressmen Ask DOJ to Investigate Water Utility Hack
Manufacturing Business Management
Sponsor Content
Manufacturing Business Management
More in Cybersecurity
Manufacturing Business Management
Sponsored
Manufacturing Business Management
Acumatica looks to offer new solutions.
May 1, 2024
Ransomware
Cybersecurity
Report Identifies Hidden Costs, Challenges of Ransomware
Too many are paying, and the reasons range from understandable to infuriating.
April 25, 2024
Ep90
Video
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Cybersecurity
Transportation and Logistics Under Siege
A look at how this vital and increasingly targeted market sector is responding to more cyberattacks.
April 24, 2024
Industrial Cyber
Cybersecurity
5G, AI and More Are Changing OT - Why Zero Trust Could Be the Solution
Maximizing technology investments while maintaining security.
April 24, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
Avoiding Shutdowns from Ransomware Attacks
A strategic approach for protecting OT networks.
April 24, 2024
IEC 62443 is a key standard to reduce risk of cyberattacks in industrial workplaces.
Cybersecurity
How to Build a More Secure Connected World with IEC 62443
The goal is better efficiency, improved sustainability and interoperability, enhanced reliability and greater cost-effectiveness for system integrators, product suppliers and other stakeholders.
April 24, 2024
Coding
Cybersecurity
CISA Releases 7 ICS Advisories
Unitronics, Rockwell and Mitsubishi head the list.
April 19, 2024
Financial Cyber
Cybersecurity
Alarming Trends Reinforced in Ransomware Attack of Semiconductor Mfr.
Experts assess the fallout from the Dark Angel attack on Nexperia.
April 19, 2024
Industrial Cyber
Cybersecurity
Hexagon, Dragos Announce Partnership
The team-up looks to "revolutionize OT cybersecurity."
April 18, 2024
Ransomware
Cybersecurity
Report Shows Updated Ransomware Concerns
Hackers are elevating the complexity of their attacks - making them harder to detect.
April 18, 2024
Cybersecurity In A Bubble
Cybersecurity
Responding to Emerging Risks and Attack Vectors
Insight on key hacker strategies, response plans and creating a culture that embraces cybersecurity.
April 18, 2024
Ep89
Video
Security Breach: Weaponizing Secure-By-Design
How a greater focus on new and legacy OT connections could alter the cybersecurity battlefield.
April 18, 2024
Siemens Image 1
Cybersecurity
An Automatic Cyber Response Solution
The platform works to isolate and quarantine the infected production equipment during an attack.
April 11, 2024
Financial Cyber
Cybersecurity
1 in 5 S&P 500 Companies Reported Breaches Last Year
Ransomware demands and supply chain targeting continues to escalate.
April 11, 2024