3

Manufacturing and production companies hit by ransomware least likely to pay ran...

 2 years ago
source link: https://itwire.com/guest-articles/manufacturing-and-production-companies-hit-by-ransomware-least-likely-to-pay-ransom,-according-to-sophos-survey.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Wednesday, 29 September 2021 12:39

Manufacturing and production companies hit by ransomware least likely to pay ransom, according to Sophos survey

By Sophos

GUEST RESEARCH: Manufacturing and production companies were the least likely (at 19%) to pay ransom and the most likely (at 68%) to be able to restore data from backups, according to a study by cybersecurity company Sophos.

The State of Ransomware in Manufacturing and Production 2021 found that the practice of backing up data could be a reason why the manufacturing and production sector was the most affected by extortion-based ransomware attacks.

This involves a pressure technique where attackers do not encrypt files but rather threaten to leak stolen information online if a ransom demand isn’t paid.

The survey studied the extent and impact of ransomware attacks during 2020 and highlighted the following:

  • 36% of the businesses surveyed were hit by ransomware in 2020
  • 9% of ransomware victims were hit with extortion-based ransomware attacks, compared to a global average of 7%
  • The average ransomware recovery cost was $1.52 million, less than the global average of $1.85 million

“The sector’s high ability to restore data from backups enables many companies to refuse attacker demands for payment in the case of traditional, encryption-based ransomware attacks,” explains Sophos principal research scientist Chester Wisniewski.

Wisniewski however is quick to point that adversaries are forced to find other approaches to make money from victims such as stealing data and threatening to leak company information if their financial demands aren’t met.

“Backups are vital, but they cannot protect against this risk, so manufacturing and production businesses should not rely on them as an anti-extortion defence. Organisations need to extend their anti-ransomware defences by combining technology with human-led threat hunting to neutralise today’s advanced human-led cyberattacks,” Wisniewski recommends.

The findings also show that manufacturing and production companies worry more than any other sector about being attacked with ransomware in the future.

60% of respondents worry because the attacks are sophisticated, and they have become harder to stop. 46% believe that since ransomware is so prevalent, it is inevitable they’ll get hit by the cybercrime.

In the light of the survey findings, Sophos experts recommend the following best practices for all organisations across all sectors:

1. Assume the organisation will be hit. No sector, country, or organisation size is safe from risk. It’s better to be prepared and not be hit than the other way round.

2. Make frequent backups. Routine backups are the number one method organisations used to get their data back after an attack. Even if organisations pay the ransom, attackers rarely return all of the data, so backups are essential either way. Aim for an approach that involves at least three different copies, using at least two different backup systems, and with at least one copy stored offline and preferably offsite.

3. Deploy layered protection. In the face of the considerable increase in extortion-based attacks, it is important to keep the adversaries out of the network in the first place. Use layered protection to block attackers at as many points as possible across an entire estate.

4. Combine human experts and anti-ransomware technology. The key to stopping ransomware is defence in depth that combines dedicated anti-ransomware technology and human-led threat hunting. Technology provides scale and automation, while human experts are best able to detect the tell-tale tactics, techniques and procedures that indicate when a skilled attacker is attempting to break in. To bolster in-house skills, enlist the support of a specialist cybersecurity company. Security operations centres (SOCs) are now realistic options for organisations of all sizes.

5. Don’t pay the ransom, if this is an option. Independent of any ethical considerations, paying the ransom is an ineffective way to get data back. Sophos research shows that after a ransom is paid adversaries will restore, on average, only two-thirds of the encrypted files.

6. Have a malware recovery plan and continuously test and update it. The best way to stop a cyberattack from turning into a full breach is to prepare in advance. Organisations that fall victim to an attack often realise they could have avoided a lot of cost, pain and disruption, if they had an incident response plan in place.

The State of Ransomware in Manufacturing and Production 2021 survey polled 5,400 people working in a leadership role in IT, including 438 in manufacturing and production companies, in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK