Spike in Ransomware Attacks on Manufacturers

March 30, 2021
manufacturing-cyber-attacks

Hackers are setting their sights on manufacturers.

In 2020, ransomware attacks increased. While many of these attacks targeted government and healthcare sectors, the manufacturing sector received more than its fair share of attacks, as well. According to TechRepublic, 13.9% of manufacturing companies reported a ransomware attack in the previous 12 months. This makes it the second most-targeted sector, with only the governmental sector incurring more attacks – and it’s getting worse. Silicon Republic says that ransomware attacks against the manufacturing sector tripled in 2020.   

In a recent case, Industry Week reports that hackers have attacked Kia Motors America. The hackers demanded a ransomware payment of about $20 million in bitcoin, and the ransom could increase to $30 million if a deadline is not met. 

Why Are Hackers Targeting Manufacturers?

Ransomware hackers go where they can exploit security weaknesses to cause the most damage and make the most money. In many cases, that leads them to the manufacturing sector.

According to ZDNet, hackers specifically target the industrial control systems that manage manufacturing operations. Security weaknesses can make industrial control systems an attractive target. Hackers may also target manufacturers because they know they’re likely to be paid – manufacturers simply cannot afford the downtime that ransomware attacks cause.

Infosecurity says that the manufacturing sector paid $6.9 million in ransomware payments in 2019, representing 62% of the total amount of ransomware payments made that year.

Slowing Down the Deluge of Attacks

Hackers know manufacturers need to keep operations going and will pay a hefty price to make sure that happens. They also know they can exploit security weaknesses in industrial control systems to launch ransomware attacks.

In other words, hackers have both the motive and means to hit manufacturers with ransomware.  Given this, it’s guaranteed that the attacks will continue.

In another frequently targeted sector, the healthcare industry, professionals know that ransomware is a threat and that steps must be taken to protect their data. Likewise, manufacturers must take steps to protect their operations. This includes increased cybersecurity awareness and an adoption of best practices to minimize security vulnerabilities.

Unfortunately, many manufacturing companies have a lot of work ahead of them. Andrea Carcano, co-founder of Nozomi Networks, told IndustryWeek that manufacturers should take three key steps to prevent attacks. First, they should adopt a cybersecurity framework. Second, they should improve asset visibility. Third, they should integrate OT and IT network security.

Preparing for the Next Attack

In addition to taking steps to make an attack less likely, manufacturers should also prepare for the possibility of an attack. A manufacturing company’s ransomware incident response plan should address the following questions:

  • How will downtime impact operations and how much downtime is allowable?
  • What resources are available to investigate and mitigate a threat once it occurs?
  • What insurance coverage is available to help with the financial impact of an attack, including business interruption and ransom payment?

The Heffernan Insurance Brokers’ team can help you answer the third question. Please reach out if you’d like to review your cyber insurance strategy.