Manufacturing companies hit by the worst encryption rate in three years 

A recent survey by Sophos found that two-thirds of manufacturing companies hit by ransomware also suffered data encryption

Sophos, a leader in next-generation cybersecurity, announced a sectoral survey report, ‘The State of Ransomware in Manufacturing and Production 2023.’ It found the highest reported encryption rate in three years. In more than two-thirds – 68 percent – of attacks against the manufacturing sector, the adversaries successfully encrypted data. 

This is the highest reported encryption rate for the sector over the past three years. It’s in line with a broader cross-sector trend of attackers more frequently succeeding in encrypting data.  

However, in contrast to other sectors, the percentage of manufacturing organizations that used backups to recover data has increased. 73 percent of the companies surveyed this year use backups versus 58 percent in the previous year. Despite this increase, the sector still has one of the lowest data recovery rates.  

“While ransom payments cannot always be avoided, we know from our survey response data that paying a ransom doubles the costs of recovery,” said John Shier, Field CTO at Sophos. “With 77 percent of manufacturing organizations reporting lost revenue after a ransomware attack, this added cost burden should be avoided, and priority placed on earlier detection and response.”  

Manufacturing and production also reported longer recovery times this year. In 2022, 67 percent of organizations recovered within a week, but this year, only 55 percent recovered within a week.   

Sophos delves deeper into the issue in its newly released three-part ‘Think You Know Ransomware?’ documentary series. It looks at a large-scale ransomware attack against a manufacturing company to learn about the aftermath and investigation of attacks.  

Its experts recommend several best practices, such as maintaining good security hygiene, strengthening device shields, and optimizing attack preparation.