CIO Influence
Featured Information Management Security

Manufacturing and Healthcare among Worst-hit Industries by Ransomware Attacks

Manufacturing and Healthcare among Worst-hit Industries by Ransomware Attacks

For a very long time, it was assumed that every company that works with data is a target for ransomware attacks. IT companies, in particular, report the maximum number of ransomware attacks. They gain a lot of attention due to their supposedly high-level of technology integrations and risk assessment policies that should ideally be potent to stop a ransomware attack. However, this is not the whole truth.

Manufacturing is the top industry to be hit by ransomware

NordLocker’s research covered 18 industries that are most likely to be hit by ransomware attack based on historical data. It found that the manufacturing industry (10.2% of all attacks) is most likely to be hit by ransomware worldwide than any other industry.

Recommended: Dell Technologies Transforms the Edge with Project Frontier Software Platform

According to NordLocker’s latest report, ransomware attacks target a variety of industries, of which, manufacturing was attacked the most number of cases (436 cases reported), followed by Construction, Logistics, Tech/ IT and others. Healthcare industry was attacked 259 times. These companies, by virtue of their operations and data management infrastructure, already handle a lot of data, and these factors attract threat agents from all parts of the world. These industries, particularly, banking, healthcare, and manufacturing reported so many attacks via ransomware vectors, is because of their high rate of success in attacks penetrating through the firewall and cyber security platforms.

Based on the research, any organization could fall victim to the rising varieties of ransomware attacks, including government offices, NGOs and military organizations. Apart from building a strong ecosystem of security tools, organizations should invest in training their employees and associates in the “Do’s and Don’ts” of enterprise data management, even if it means pro-actively setting up a disaster recovery plan with back ups and software installations. The report recommends, “NEVER PAY THE ATTACKERS.”

Geographically, the US remains the number one target for attackers. US companies are the most affected by ransomware, with almost half (46%) of all ransomware attacks happening there, followed by Canada, the UK, France, and Germany, new research by cybersecurity company NordLocker reveals. The new study analyzed numerous databases of ransomware incidents that affected over 5,000 companies worldwide. With a collective revenue of 4.15 trillion USD, the companies under investigation produce more value than Germany’s entire GDP.

The research was conducted with the purpose of discovering which companies are at the highest risk of being targeted by ransomware. Apart from the geographic variable, researchers looked at factors such as which ransomware groups are the most active, the most affected industries, company revenue, and employee count.

At the time of this announcement, NordLocker’s Tomas Smalakys said –

“Ransomware gangs usually decide who their next target is based on two criteria. The first one is how likely the targeted company is to pay up, which is weighed by looking at variables such as the company’s importance in supply chains, the quantity of confidential information that it handles, and other factors that, in the case of an attack, put pressure on the company to get operations back up and running. The second criteria is more straightforward and primarily deals with the depth of the company’s pockets and how lacking in cyber defenses their business is.”

Read More: Data Mastering as a Key Component of Data Mesh

Tomas added, “When you look at the data through this lens, you see why certain industries are more affected than others.”

Small businesses beware

Business size is another major indicator of how likely a business is to be targeted by a ransomware attack. Small-sized businesses (up to 200 employees) are at the highest risk of being attacked by ransomware worldwide, being the targets for more than half of all attacks (58.8%). Companies with an employee count of between 201-500 are the victims of 16.1% of attacks, while those with between 501-1000 employees are victims of 8.9% of ransomware hacks, and those with 1000+ deal with 16.2% of attacks.

“Small businesses are top targets for ransomware gangs because, for them, cybersecurity is often an afterthought. Smaller companies justifiably prioritize growing their operation, leaving cybersecurity on the sidelines. This, combined with the usually thin profit margins small businesses endure, makes them not only easy to hack but very likely to pay up as well because they do not have the funds to sustain a prolonged halt to operations,” says Tomas Smalakys.

What else did the research find?

  • Among the affected organizations are some of the most influential institutions worldwide, including several Fortune 500 companies and one of the top educational institutions in the US.
  • LockBit group is the most active ransomware gang worldwide, responsible for 16.4% of attacks. LockBit is closely followed by Conti (15.3%), Pysa (6%), REvil (5.4%), and Maze (5.1%).
  • 5.6% of ransomware attacks targeted public sector institutions,  even though less than 1% of companies worldwide are publicly traded, they make up 16.6% of targeted companies.
  • The state of Michigan is the most affected by ransomware. Missouri — the least.
  • Companies with annual revenue between 10-25M USD are targeted by ransomware the most (18.1%). Interestingly, companies with more than 1B USD in annual revenue are the targets behind 10.1% of attacks.

USE CODE “RANSOMWARE” TO GET 3 MONTHS OF NORDLOCKER BUSINESS FREE OF CHARGE

NordLocker is a cloud storage solution with an emphasis on security. NordLocker stores and encrypts your company’s data, making it virtually inaccessible to anyone with malicious intent. With NordLocker, you can make sure your data is protected and quickly restore it if it’s been damaged or lost, minimizing business interruptions and downtime.

Methodology: Data was collected from publicly available blogs where ransomware gangs post the names of their victims and their demands. The ransomware attacks under investigation all happened during the period between 01/01/2020 to 01/07/2022. Financial and industry information was collected from publicly available databases.

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Palo Alto Networks Unit 42 Helps Customers Better Address Cybersecurity Threats Through New MDR Service

Backblaze Doubles Down on Security With Open Bug Bounty Program

CIO Influence News Desk

Leading Enterprises Turn to Magnet AXIOM Cyber to Investigate Critical Cybersecurity Incidents

CIO Influence News Desk