Manufacturing and production entities impacted by ransomware
attacks paid the highest ransoms across all sectors with an average payment of $2,036,189, compared with only $812,360 overall average ransomware payment, ZDNET
More than $100,000 was paid by 37% of ransomware-hit organizations in the manufacturing industry, while 8% provided ransoms exceeding $1 million to obtain a decryption key, according to a report from Sophos.
However, those that paid a ransom only recovered 59% of data on average, compared with 61% of data recovered on average across all industries.
Thirty-eight percent of ransomware attack attempts against manufacturing and production organizations were also averted prior to data encryption, indicating the importance of proactive threat detection within networks.
"Manufacturing is an attractive sector to target for cybercriminals due to the privileged position it occupies in the supply chain. Outdated infrastructure and lack of visibility into the OT environment provide attackers with an easy way in and a launching pad for attacks inside a breached network," said Sophos Senior Security Advisor John Shier.