Fifty-six percent of Manufacturers Surveyed Report Being Hit by Ransomware
A silent threat looms that can shut down your operation in a matter of minutes – ransomware. I have seen the devastating effects firsthand too many times. About half of our new clients become clients after they have been hit by a cyber-attack. Cybersecurity can no longer be a footnote in operational strategies or worse, ignored completely; it should be front and center.
Understanding the Ransomware Threat Landscape
Ransomware is a type of malicious software designed to encrypt data and block access to a computer system until a ransom is paid. Cybersecurity giant Sophos completed a survey of manufacturers earlier this year and the statistics are truly scary:
- 56% reported being hit by ransomware within the past year
- 68% of those hit could not contain the attack
- Only 27% could even slow the attack down before all of their data was encrypted
- The average recovery cost……$1.08 million
The Real Impact to Your Business
When you have been hit by ransomware it feels like someone has broken into your house, rummaged around, and stolen from you. The most unnerving part is not knowing if they are still in the house and what is going to happen next.
The repercussions of a ransomware attack go far beyond the ransom itself. Once the files are encrypted your entire operation can be shut down. The average time to recover from an attack is 22 days. Imagine the impact of being shut down for 22 days, it is devasting.
Responses like, “It can’t happen to us” that turns into “Why would they attack us?” are common. Companies in the Midwest (especially smaller companies) don’t think they are a target. If you have an Internet connection and a bank account, you are a target.
Doing the Bare Minimum is No Longer Enough
While the notion of doing the “bare minimum” in cybersecurity might have been sufficient a decade ago, today’s threats demand a more robust approach. Achieving a baseline cybersecurity posture will neutralize many of the common vulnerabilities that ransomware exploits.
Here is how you can get ahead of the next attack:
- Regular Software Updates, Patch Management, and Inventory
Ensure that all software, especially operating systems and applications used in production and operations, are regularly updated with the latest patches. No device should be more than 14 days out of date. This alone can close off many of the security gaps that ransomware attackers exploit and prevent nearly a quarter of all attacks.
24% of Attacks on Manufacturers Reported Exploited Vulnerabilities as the Root Cause
Inventory sounds like it should be a no brainer, but a shocking number of companies have no record of exactly who has what devices. If you don’t know what you have, you can’t keep every device up to date.
2. Employee Education and Awareness Training
Human error often serves as an entry point for ransomware. Regular training sessions for employees on recognizing phishing attempts and practicing safe browsing and email habits are crucial.
3. Access Controls, User Permissions and Passwords
Limiting user access on a need-to-know basis minimizes the potential impact of a ransomware attack. If an infection occurs, it’s contained to fewer areas, making it easier to control and resolve.
27% Reported Compromised Credentials as the Root Cause
4. Secure Backups
Regular, secure, and offsite backups can be a lifesaver in a ransomware incident. Even if data is held hostage, companies can restore their systems with minimal downtime. The critical piece is offsite and secure.
5. Incident Response Planning
Having a clear, tested incident response plan ensures that if an attack occurs, the organization can react quickly and effectively, reducing potential damage and restoring operations more rapidly.
6. Accountability
Accountability is critical when it comes to properly securing your network. Whether you are the business owner, a board member, or the person tasked with managing IT, you need a single report that shows that cybersecurity is being managed to the correct specifications.
WatchPoint IT Security Compliance Score
The growing threat of ransomware cannot be underestimated, and the statistics speak for themselves. With 56% of manufacturers reporting being hit by ransomware and the average recovery cost exceeding a million dollars, it is clear you can’t ignore this problem.
The impact of a ransomware attack extends far beyond the financial cost. It disrupts operations, compromises sensitive data, and creates a sense of vulnerability and unease. No company is immune to these threats, and it’s essential to take proactive measures to protect your organization.