Sophos has published the results of its new industry survey “The State of Ransomware in Manufacturing and Production 2021”. The report shows that companies in the industry had the lowest probability of paying a ransom (19%) while they were the most likely to be able to restore data from backups (68%). However, manufacturers and producers are more concerned than any other sector that they will be attacked by a blackmail virus in the future, as the latter are so complex that it is becoming increasingly difficult to stop them.
Data backup practices and ransom a high degree of refusal to pay could be the reason why this sector has been most affected by attacks based on secondary blackmail. This pressure technique does not encrypt the files, but threatens to leak the stolen information online if the ransom claim is not paid.
Findings of extortion virus incidents in the manufacturing and production sectors include:
- 36% of the companies surveyed were attacked by a blackmail virus in 2020.
- Blackmail virus victims 9% compared to the global average of 7%
- The average cost of recovery from an extortionist virus was $ 1.52 million, less than global average $ 1.85 million
“The industry’s ability to restore data from backups in many cases allows many companies to to deny attackers ransom claims for traditional encryption-based extortion virus attacks, “said Chester Wisniewski, senior researcher at Sophos and. “However, it also means that attackers will be forced to look for other ways to make money from their victims. These include stealing data and threatening to leak company information if their financial claims are not met. Backups are vital but do not protect against this. Organizations need to extend their protection against the extortion virus by combining technology and cyber-attacks. “
The results also show that manufacturing and production companies are more concerned than any other sector about future blackmail virus attacks. 60% of respondents say this is because the attacks are so complex that it is becoming increasingly difficult to stop them. 46% say that due to the high prevalence of the extortion virus, it is inevitable that they will be caught by cybercrime.
Sophos recommends that organizations follow the following best practices in any sector:
1. Expect your body to be attacked. The extortion virus remains extremely prevalent. There is no sector, country, or organizational size that would be immune to risk. It is better to be ready without attack than vice versa
2. Make regular backups. Routine backups are the number one method that organizations use to restore their data after attacks. Even if organizations pay the ransom, attackers rarely restore all data, so backups are essential in any case. Seek an approach that makes at least three different copies with two different backup systems and keeps at least one copy offline, preferably in another location (offsite backup)
3. Apply multi-layer, depth protection. Due to the significant increase in blackmail attacks, it is more important than ever to keep attackers away from the network.
4. It combines human expertise and anti-extortion technology. The key to stopping the blackmail virus is in-depth protection, which combines dedicated anti-blackmail virus technology and human-led hunting of threats by flesh and blood. Technology provides scalability and automation, while human experts are best at identifying telltale tactics, techniques, and procedures that indicate that a trained attacker is trying to break into your network. Seek the support of a cyber security company to strengthen your in-house expertise. Security Operations Centers (“SOCs”) are already a realistic option for organizations of any size
5. Don’t pay the ransom if possible. Regardless of ethical considerations, paying a ransom is not an effective way to recover data. Sophos’ research shows that, after paying the amount claimed, attackers will only recover two-thirds of the encrypted files on average
6. Have a recovery plan in case of a virus incident that you are constantly testing and updating. This way you have a good chance of avoiding most of the cost, headache and chaos.
Hardware, software, tests, curiosities and colorful news from the IT world by clicking here!