The manufacturing and production industry has seen a 41% increase in ransomware attacks over the past four years, according to the latest Sophos State of Ransomware report. In 2023, 65% of organizations in this sector reported being hit by ransomware, up from 56% in 2022 and 55% in 2021.
Sophos highlighted that the increase in attacks is troubling, particularly because many organizations struggle to detect and respond to threats quickly. Criminals have noticed this weakness, leading to a surge in attacks not only on manufacturers but also on healthcare and financial services.
One alarming trend is the cybercriminals’ attempts to compromise backups. Of the manufacturing companies attacked, 93% said their backups were targeted, with over half of these attempts being successful. Also, 74% of ransomware attacks in this sector resulted in data encryption, higher than the cross-industry average of 70%.
Financially, the impact is significant. In 2024, manufacturing organizations reported an average cost of $1.67 million to recover from an attack, compared to $1.08 million the previous year. Despite this, 62% of companies chose to pay the ransom to recover their data, a sharp increase from 34% in 2023.
Sophos also noted a growing trend of organizations using multiple methods to recover encrypted data, with 45% opting for both ransom payments and backups.
With ransomware demands increasing, up 167% to a median payment of $1.2 million in 2024, the manufacturing sector has become a prime target. Security xperts stress the importance of focusing on detection and response times to mitigate these attacks.