Ransomware Insights: Why Hackers Are Targeting Manufacturers
None of us can deny that 2020 unleashed its unique fury upon us. Not only did our personal lives take a huge hit, but businesses worldwide suffered from an array of threats. Some industries hurt more than others. And unfortunately, there’s been a recent spike in ransomware attacks on manufacturers — but why? Here’s what we know about these attacks and how to protect your company against them.
Ransomware is a cybercrime that is as vicious as it sounds. Cybercriminals use malicious software to encrypt a target company’s files, making them inaccessible. Only by paying a ransom — usually in bitcoin — can the company regain access to their files. Sometimes, these ransoms can be astronomical amounts of money, ranging from hundreds to millions of dollars.
You might also like: Rise of Ransomware: How to Protect Your Business
It’s no surprise that cybercriminals have all but perfected their attack methods. Phishing and social engineering remain the two most common ways to gain entry. Briefly, phishing is a malicious link in a seemingly innocent email from an outsider, while social engineering is similar, but the email appears to come from a trusted source. In either case, the receiver opens the email, clicks the link, and the cybercriminal gains entry.
Sadly, 13.9% of manufacturers reported that they experienced a ransomware attack in the past 12 months. These stark figures mean that the manufacturing industry is the second-most targeted market to date, with only the government sectors targeted more. It’s no surprise that attacks on manufacturers tripled in 2020.
Before we dive into the threat against manufacturers, let’s get some perspective by examining another genus for a moment. Some creatures in the animal kingdom are what we humans call opportunistic eaters. They’ll eat nearly anything that crosses their paths if they’re hungry, mainly preying on the perceived weaknesses of other animals. Lamentably, cybercriminals aren’t too far off from these hungry critters.
Cybercriminals have identified what they consider to be weaknesses in the manufacturing industry. For example, many manufacturers’ industrial control systems have weak security, making it a bullseye. Also, manufacturers can’t afford downtime, or even a pause in production ransomware typically causes. So, cybercriminals know they’re getting paid after executing a ransomware attack.
In 2019, the ransom payments from the manufacturing industry totaled a whopping $6.9 million. These payments made up 62% of all ransomware payments that year, and 2020 has only gotten worse. But we can’t point the finger at these target companies. Not a single one invited any criminal into its system, no doubt. Perhaps a better idea would be to look at the situation from all angles, including from a cybercriminal’s perspective.
Lastly, we must remember that this “opportunistic” approach isn’t merely based on industry type. Cybercriminals have more than exploited the pandemic, attacking anything that even remotely appears to be vulnerable. So, let’s review some ideas that might help to slow down these attacks.
Naturally, the manufacturing industry isn’t the only one that cybercriminals are targeting. Several other sectors fall closely behind manufacturing as being highly targeted, including construction, healthcare, professional services, to name a few. So what are these industries doing to ward off attacks that manufacturers could adopt?
For starters, as a manufacturer leader, you must develop a well-written plan outlining the best practices to control cybersecurity risks. This approach can help to reduce your company’s exposure to cyber threats. Can you provide more employee training regarding cybersecurity? Or could you increase your IT network security? These steps, and more, could help prevent a devastating attack.
Also, you must know and make visible every asset in your company. Without this vital information, you could get lost in the supply chain or orchestrate operations with inaccurate data. Sure, manufacturers often rely on a complicated chain of suppliers, and it’s easy for one bit of data to blend into another. However, keeping track of your inventory and suppliers will add one more much-needed layer of protection against hackers.
Every company, including manufacturers, should develop a risk management plan. This strategy typically involves strategic best practices, system and operational upkeep, and well-placed insurance policies. Aside from the foundational general liability policy, the following are a handful of the most popular coverage for manufacturers. For a more detailed review, please visit our Manufacturing page.
Cyber insurance protects companies from third-party lawsuits relating to electric activities (i.e., phishing scams). Plus, it offers many recovery benefits, supporting data restoration and reimbursement for income lost and payroll spent.
Professional liability, also known as errors and omission (E&O) insurance, covers companies in third-party or client lawsuits claiming substandard work or service. Work errors or oversights, missed deadlines, budget overruns, etc., often result in costly cases — but E&O insurance responds to these mishaps.
Whether it’s a devastating fire, natural disaster, or burglary, property insurance responds. This policy reimburses companies for direct property losses, supporting recovery and momentum.
Companies offering tangible products or services risk third-party lawsuits claiming bodily injury or property damage. Consider McDonald’s notorious “Hot Coffee” case in the 1990s, for example. No matter if the claims are grounded or not, this policy covers defense fees and settlements.
Understanding the details of what coverage your company needs can be a confusing process. Founder Shield specializes in knowing the risks your industry faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll walk you through the process of finding the right policy for you.
Want to know more about commercial insurance for manufacturing companies? Talk to us! Please contact us at email@example.com or create an account here to get started on a quote.
With cyber attacks on the rise for technology and late-stage companies, it’s up to risk management teams to build fortifying ransomware defense — here’s how.
Cybersecurity concerns skyrocketed during the past few years, especially for small businesses and technology companies — but how cyber literate are we really? Let’s find out!
Dark patterns are everywhere, from confusing ecommerce checkouts to unsubscribe links — and they impact data protection. Let’s talk about it.