Of the Organizations Surveyed That Paid the Ransom, the Average Cost Was $2,036,189—More Than Double the Cross-Sector Average of $812,360

OXFORD, U.K. — Ottobre 26, 2022 —

Sophos, a global leader in innovating and delivering next-generation cybersecurity as a service, today published a new sectoral survey report, “The State of Ransomware in Manufacturing and Production,” which found that the sector had the highest average ransom payment across all sectors—$2,036,189 versus $812,360, respectively. In addition, 66% of manufacturing and production organizations surveyed reported an increase in the complexity of cyber attacks, and 61% reported an increase in the volume of cyber attacks when compared to the previous year’s survey. The increase in complexity and volume is also 7% and 4% higher than the cross-sector average, respectively.

“Manufacturing is an attractive sector to target for cybercriminals due to the privileged position it occupies in the supply chain. Outdated infrastructure and lack of visibility into the OT environment provides attackers with an easy way in and a launching pad for attacks inside a breached network. The convergence of IT and OT is increasing the attack surface and exacerbating an already complex threat environment,” said John Shier, senior security advisor, Sophos. “While having reliable backups is an important part of recovery, today's ransomware threat requires a detailed response plan that includes human-led threat hunting capabilities. Complex attacks require comprehensive protection, which, for many organizations, will include the addition of managed detection and response (MDR) teams who are trained to look for and neutralize active attackers.”

While manufacturing and production had the highest average ransom payment, the percentage of organizations that actually paid the ransom was among the lowest across sectors (33% versus 46% for the cross-sector average).

Additional findings include:

  • The manufacturing and production sector had the lowest attack rate, tied with financial services, with only 55% of organizations surveyed targeted by ransomware
  • However, the percentage of manufacturing and production organizations hit by ransomware increased by 52% over the previous year’s report (up from 36% in the 2021 survey report)
  • The sector also had the lowest encryption rate (57% versus 65% for the cross-sector average)
  • Only 75% of those surveyed reported having cyber insurance—the lowest percentage across all sectors

In light of the survey findings, Sophos experts recommend the following best practices for all organizations across all sectors:

  • Install and maintain high-quality defenses across all points in the environment. Review security controls regularly and make sure they continue to meet the organization’s needs
  • Proactively hunt for threats to identify and stop adversaries before they can execute attacks – if the team lacks the time or skills to do this in-house, outsource to a Managed Detection and Response (MDR) team
  • Harden the IT environment by searching for and closing key security gaps: unpatched devices, unprotected machines and open RDP ports, for example. Extended Detection and Response (XDR) solutions are ideal for this purpose
  • Prepare for the worst, and have an updated plan in place of a worst-case incident scenario
  • Make backups, and practice restoring them to ensure minimal disruption and recovery time

 

To learn more about the State of Ransomware in Manufacturing and Production, download the full report from Sophos.com.

The State of Ransomware 2022 survey polled 5,600 IT professionals in mid-sized organizations across 31 countries, including 419 respondents from the manufacturing and production sector.

Informazioni su Sophos

Sophos è un’azienda leader nell’ambito della cybersecurity e protegge 600.000 organizzazioni in tutto il mondo con una piattaforma basata sull’IA e servizi a cura di esperti. Sophos viene incontro alle esigenze delle organizzazioni, adattandosi al loro livello di maturità di sicurezza informatica e crescendo insieme ai clienti per tutelarli dai cyberattacchi. La sua soluzione offre la combinazione ottimale tra machine learning, automazione e dati di intelligence sulle minacce in tempo reale, aggiungendo le competenze umane degli esperti del team Sophos X-Ops, che lavorano in prima linea per garantire monitoraggio, rilevamento e risposta alle minacce 24/7.
Sophos offre un servizio di Managed Detection and Response (MDR) leader di settore, nonché una linea completa di tecnologie di sicurezza, tra cui soluzioni per la protezione di endpoint, rete, e-mail e cloud, nonché Extended Detection and Response (XDR), rilevamento delle minacce all’identità (Identity Threat Detection and Response, ITDR) e SIEM next-gen. Unite a servizi di consulenza a cura di esperti, queste funzionalità aiutano le organizzazioni a ridurre proattivamente il rischio e a rispondere in maniera più tempestiva, ottenendo il giusto livello di visibilità e scalabilità richiesto per tenersi un passo avanti rispetto a minacce in continua evoluzione.
La strategia go-to-market di Sophos si basa su un ecosistema di Partner che include Managed Service Provider (MSP), Managed Security Service Provider (MSSP), Rivenditori e Distributori, integrazioni per il marketplace, e Partner Cyber Risk; questa strategia offre alle organizzazioni la flessibilità di scegliere come stabilire rapporti di fiducia per la protezione della loro attività.  Sophos ha sede a Oxford, nel Regno Unito. Ulteriori informazioni sono disponibili su www.sophos.it.