Reports show that there are roughly 10 million manufacturing companies worldwide. The top factories with the highest manufacturing output are from China, the United States, Japan, Germany, and South Korea. These companies differ depending on the type of production processes they offer. However, in the attacker’s eye, they see that these companies are easy prey to strike into and earn a vast amount of money by using ransomware.
Why are they targeting Manufacturing companies?
In 2019, Cyber Security researchers noticed a 156% increase in the recorded ransomware cyber-attacks on Manufacturing companies. Cybercriminals earned a total of $6.9 million US dollars from ransom attacks on the manufacturing industry. This year, they are still focusing on attacking this industry and are eager to earn more money from the affected companies.
Developers of ransomware are implementing exploits that can attack the ICS (Industrial Control Systems) of the manufacturing company by injecting codes that can examine the system’s vulnerability and laterally propagate to the IT and OT networks.
EKANS, Megacortex, and Clop are some of the ransomware that targets the ICS operations by terminating the system’s processes and encrypting the files associated with the procedures.
With the Manufacturing industry, downtime means everything. When the systems and machines encounter downtime, its quality, availability, and performance are disrupted. Consequently, this industry cannot allow a more extended interruption on the production. Cybercriminals see this as a go signal to attack the company by installing ransomware on their system. Most likely, the company will agree and pay the ransom to continue the operation. Healthcare such as Pharmaceutical makers has been highly visible to the attack since the operational and financial impact on those organizations is massive.
In October 2020, a total of 262 vulnerabilities were detected on manufacturing equipment. Furthermore, the deployed security tools in the Manufacturing industry are not strong enough to handle cyber-attacks, and legacy systems are susceptible to threats. The set-up of the manufacturing supply chain also adds to the risk of the network. One fact is that ransomware groups leverage RDP (Remote Desktop Protocol), VPN, and unpatched software to obtain access to their targeted company. Nation-state threat actors are also targeting the manufacturer‘s intellectual properties that can range from recipes, blueprints, and formulas as a part of the ransom tactic to the target organization.
A security breach’s damaging effect may outlay a financial loss, reputational destruction, operational interruption, and legal implications. Placing security measures such as tools and services can prevent a detrimental business impact when a security breach happens.