Although more firms were backing up data to achieve resilience against ransomware attacks, other complications had cropped up …
In a 14-country January/March 2023 survey of 3,000 IT/cybersecurity leaders in organizations with between 100 and 5,000 employees on the ransomware situation in the manufacturing and production sectors, data showed that, despite an increase (15%) in the use of backed-up data to recover from attacks, data recovery rates were still among the lowest compared to the situation in other industries.
Additionally, despite the growing use of backups in the manufacturing and production sectors, respondents reported longer recovery times. In 2022, 67% of respondents in manufacturing organizations recovered from an attack within a week, while 33% recovered in more than a week. In the latest yearly survey, 55% of manufacturing organizations surveyed reported recovering within a week.
In 68% of ransomware attacks against the manufacturing/production sector, data was encrypted by the perpetrators: higher than in the past three years of this annual survey.
According to John Shier, Field CTO, Sophos, the firm that commissioned the survey: “Using backups as a primary recovery mechanism is encouraging, since the use of backups promote faster (ransomware attack) recovery. While ransom payments cannot always be avoided, we know from our survey response data that paying a ransom doubles the costs of recovery. With 77% of manufacturing organizations (in the survey) reporting lost revenue after a ransomware attack, this added cost burden should be avoided, and priority placed on earlier detection and response.”
Noting that the sector’s longer recovery times were a concerning development, Shier added that, based on his firm’s incident response cases, clients in the manufacturing sector had been consistently at the top of organizations needing assistance recovering from attacks. “This extended recovery is negatively impacting IT teams, where 69% of (respondents cited) that addressing security incidents was consuming too much time, and 66% were unable to work on other projects.”