Between 2018 and 2023, 478 manufacturing companies have suffered a ransomware attack, leading to a loss of approximately $46.2 billion in downtime alone.
Serious cyber incidents affecting manufacturing companies can lead to significant disruptions to production lines. As a result, customer orders can be left unfulfilled and day-to-day operations come to a standstill.
Comparitech recently analysed how widespread these types of attacks on the manufacturing sector are to find out their true cost. Using their worldwide ransomware tracker, the Comparitech team searched for reports on the amount of downtime caused, how much data was stolen, how much the ransom demands were, and whether or not these ransom demands were met.
Between 2018 to July 2023 there were:
- 478 confirmed ransomware attacks on manufacturing companies.
- More than 7.5 million individual records were breached as a result of these attacks–at least.
- Ransom demands were found to be between $5,000 and $50 million.
- Hackers demanded an average of $11.2 million. Approximately $5.5 billion in ransom has been demanded in total.
- Only four companies are known to have paid the ransom but many organisations will withhold this information in fear it makes them more vulnerable to these attacks. A confirmed $750,000 was paid across two of these attacks.
- Downtime varied from several hours to 76 days.
- Manufacturers within the transportation/automotive sector saw the highest number of attacks (92), closely followed by electronics/appliances manufacturers (80).
- Egregor and Conti were the most dominant strains of ransomware in 2020 and 2021 (respectively) with LockBit dominating in 2022 and 2023 (so far).
Ultimately, these numbers show yet another example as to why manufacturers are so susceptible to attacks and why they must better secure themselves.