For this series, MxD identifies the Top 7 cybersecurity threats that manufacturers face and suggests ways to mitigate them.
In this article, we’re highlighting ransomware.
Labeled “the biggest global cyber threat,” ransomware shows no sign of slowing.
Ransomware breaches increased by 13% over the past year, which is more than the increase in the previous five years combined, according to Verizon’s 2022 Data Breach Investigations Report. There were, according to Statista, 236 million such attacks globally in the first half of this year alone.
The impact has been especially hard on the manufacturing sector, which — according to IBM’s X-Force Threat Intelligence Index 2022 — is hit with more cyberattacks than any other industry. Ransomware accounted for 23% of those attacks last year, according to IBM, which noted that “ransomware actors in particular find manufacturing to be an attractive target, likely due to these organizations’ low tolerance for down time.”
Put simply, ransomware is malicious software, or malware, that locks up resources or data or both. In such an attack, these so-called cyber kidnappers encrypt data and then demand ransom in exchange for a decryption key. Or they take over a network, disabling computer access until they get paid. Often they ask for compensation in cryptocurrencies.
Ransomware can be unleashed into a company’s network in a variety of ways, including when an employee unknowingly visits a website infected with malware. But the most common route — with estimates as high as 90% — is through email phishing. Phishing messages and their dangerous links are disguised to look real, like they came from the human resources department, the boss, or large, trusted companies.
The costs of these attacks, and the ransom demands, are also on the rise. In its report, IBM put the average price of a ransomware attack at $4.54 million — and that does not include the ransom. According to a recent survey, many small and medium-size businesses said they would likely not survive such an attack.
Colonial Pipeline, which was shut down by a ransomware attack last year, paid Russian-based cybercriminals $5 million in ransom, the company’s CEO told a Senate committee. U.S. law enforcement officials later said they were able to recover about half of that amount, which Colonial paid in bitcoin
How can companies combat ransomware? The most important tool, experts say, is to train and retrain employees about how to detect and avoid phishing emails, with instructions stressing the importance of not clicking on links or responding. Good email spam filters are also crucial as they’ll help keep suspicious emails from ever reaching an inbox. These steps become more important as cybercriminals make their emails look more and more authentic.
Additional resources on ways to prevent phishing and ransomware are available in the MxD Cyber Marketplace.
A complement to the MxD Cyber Marketplace, MxD’s Playbook for CMMC 2.0 Level 1 is designed to help manufacturers and their suppliers prepare to meet the Defense Department’s upcoming cybersecurity requirements. It’s available for free download.