Ransomware attacks on the manufacturing sector have been a major concern in recent years, with Comparitech’s new analysis revealing the staggering global costs associated with such incidents. The firm examined 478 confirmed ransomware attacks on manufacturing companies from 2018 to July 2023, shedding light on the true impact of these cyber threats.
According to Comparitech’s findings, the estimated cost of downtime caused by ransomware attacks on manufacturers over the five and a half year period amounts to a whopping $46.2 billion. This figure is based on an average downtime cost of $8,662 per minute, as reported in a 2017 study. The research highlights the significant impact of downtime in the manufacturing sector, where production halts directly affect sales revenue.
The study also revealed a concerning trend of increasing downtime caused by ransomware attacks, with the average duration nearly doubling from 6.4 days in 2021 to 12.2 days in 2022. The longest recorded downtime periods in each of these years were 32 days and 76 days, respectively. Rebecca Moody, head of data research at Comparitech, attributed this trend to cyber attackers evolving their malware to outpace organizations’ defenses.
Furthermore, the analysis uncovered a wide range of ransom demands issued to manufacturing companies, ranging from $5,000 to $50 million. Notably, the average ransom demand peaked at $21.9 million in 2021 before decreasing to $8.8 million in 2022 and $1.7 million in 2023. While only four manufacturing companies reportedly paid extortion demands, many organizations may choose not to disclose such information for fear of further vulnerability to attacks.
In addition to financial losses, the research found that at least 7.5 million records were breached as a result of the 478 ransomware attacks analyzed. Egregor and Conti were identified as the dominant ransomware strains targeting manufacturing organizations in 2020 and 2021, respectively, while LockBit emerged as the dominant strain in 2022 and 2023.
The analysis also highlighted fluctuations in the number of ransomware attacks targeting the manufacturing sector, with 2020 and 2021 recording the highest numbers at 167 and 148 attacks, respectively. A decrease to 81 attacks in 2022 was followed by an uptick to 55 incidents in the first half of 2023. Moody noted a shift in the narrative around ransomware attacks, with companies becoming more open about breaches.
Furthermore, recent trends observed by cybersecurity experts include a rise in data exfiltration as part of ransomware incidents, increasing the pressure on victims to pay ransoms. The emergence of “exfiltration only” ransomware attacks and sophisticated tactics by threat actors targeting supply chains reflect the evolving landscape of cyber threats facing the manufacturing sector.
As ransomware attacks continue to pose significant risks to manufacturing companies worldwide, proactive cybersecurity measures and threat intelligence are crucial in mitigating the impact of these malicious activities. By staying vigilant and adopting robust cybersecurity protocols, organizations can bolster their defenses against ransomware threats and safeguard their operations and data from potential breaches.