Manufacturers Beware: Ransomware Remains A Top Cyber Threat

By JP Perez-Etchegoyen, Chief Technology Officer, Onapsis

The Federal Bureau of Investigation (FBI) recently unveiled its latest Internet Crime Report, documenting the top cyber complaints from the past year as reported to the Internet Crime Complaint Center (IC3). In what should come as no surprise to practitioners in the industry, manufacturing ranked second among critical infrastructure sectors most commonly victimized by ransomware attacks in 2022.  

While ransomware threats are not a new development across the industry, the FBI’s latest figures emphasize the need for manufacturers to recommit to cybersecurity in general, as well as ransomware detection and mitigation in particular. Of the attacks reported to the IC3, ransomware was responsible for more than $34 million in losses last year alone. According to the results of a recent survey from Capterra, 61% of businesses have been affected by some kind of supply chain threat within the past year. 

With these concerns in mind, manufacturers are constantly looking for new ways to secure their business applications. These applications, including critical enterprise resource planning (ERP), supply chain systems, and more, support the core of their day-to-day operations. Let’s explore the issue of ransomware in manufacturing in more detail and discuss some of the top considerations for manufacturers looking to mitigate this ever-present threat. 

Manufacturing as a target 

Between accelerated demand for digital transformation, the pressures of maintaining uptime, and the complexity of supporting IT and OT environments, the manufacturing sector has a uniquely broad attack surface for cybercriminals to target. 

Supplemented by staffing shortages and the widening cybersecurity skills gap spreading across industries, manufacturers are dealing with limited visibility into, and protection of, the data within the systems that support digital supply chains and other business-critical operations. Without a picture of the full manufacturing environment, it can be difficult for organizations to pinpoint where potential vulnerabilities may lay and, consequently, to mitigate the threats associated with them. 

This combination of factors makes the industry a prime target for ransomware, especially considering the costly ramifications of even short periods of downtime for manufacturers.  

The latest developments

According to the latest figures from the FBI, the IC3 received a grand total of 870 complaints from critical infrastructure organizations that fell victim to a ransomware attack in 2022. This number represents a stark increase from the 649 such complaints received the year prior. 

Only the healthcare and public health sector reported more instances of ransomware than the manufacturing industry over the past year. Manufacturing’s 157 reported ransomware attacks represent a staggering 242% increase from 2021. 

As prominent as the issue of ransomware has been in recent years, the data collectively suggests that manufacturing organizations are not yet prepared to defend themselves from these attacks. Manufacturers must evaluate their security posture and recognize where gaps exist to avoid being the industry’s next ransomware victim. 

Staying a step ahead

Unfortunately, there is no secret sauce for protecting against ransomware attacks, but there are several steps that organizations can take to better prepare themselves in the event of a threat. 

Visibility is the key for manufacturers and the explanation behind it is simple. Without having insight into the full business application landscape, organizations have no way to monitor the potential vulnerabilities that may impact their critical operations. These applications serve as the foundation for manufacturing and threats to these platforms have the potential to interfere with business continuity, product safety, and quality. 

It is also important for an organization’s vulnerability management process to monitor specifically for flaws in business applications. Teams need strategic threat intelligence to indicate the severity of a flaw, context of the threat landscape, and the corresponding game plan for responding to that flaw. Vulnerabilities used in ransomware, and the ones with potential to be used, should be prioritized, as with basic cybersecurity hygiene.

At the crux of ransomware defense is a strategic incident response plan. Teams must be equipped to react in the face of an attack with a plan centered on their business systems. When an emergency situation arises, generic recommendations will not suffice. Organizations need insights tailored to the applications and systems that they have in place.

Building a better future

With the number of ransomware attacks targeting manufacturers growing aggressively, organizations across the industry are facing the challenge of protecting their critical systems while maintaining the safety of their products and meeting increasing demand for digitization and sustainability. 

Defending against ransomware can be a daunting task, but visibility, monitoring, and remediation of potential vulnerabilities in the business applications that drive the organization can provide the peace of mind that manufacturers desire.