Manufacturers Rank as Ransomware's Biggest Target

In the past year, the manufacturing industry has been the top target for ransomware groups, due to the sector's lack of technological advancement, even as its digital footprint continues to grow.

According to a study released by Black Kite, the manufacturing sector accounts for 21% of ransomware attacks and places manufacturing entities at a significantly high risk, making them more than three times as likely to suffer a ransomware attack.

Not just this, but out of the 5,000 companies that were examined, 80% of manufacturing companies have "critical" CVSS-rated vulnerabilities, 67% of which are already listed in the Known Exploited Vulnerabilities (KEV) catalog maintained by the Cybersecurity and Infrastructure Agency (CISA). 

"The manufacturing industry stands at a critical juncture, where the stakes of third-party risk have never been higher," the Black Kite researchers wrote. "The rapid pace of digital transformation has opened new avenues for efficiency and innovation but has also introduced significant vulnerabilities."

The threat actors are aware of the weak links that have opened up due to the industry's rapid growth and are aware that "these companies play critical roles within global supply chains."

When one operation or company in the chain gets attacked, it can lead to a domino effect and "cascading operational disruption and financial and reputational damage." In short — when threat actors target both manufacturing and supply chains, they get more bang for their buck if they succeed.

Manufacturing a New Defense

So, what can enterprises that are more likely to fall victim to an attack do to prevent the worst from happening?

First, organizations must recognize that though many systems will be affected when updated, that doesn't justify allowing systems to become exposed on the Internet. 

"Patch management is the first line of defense, yet it's widely neglected in this industry," Ferhat Dikbiyik, chief research and intelligence officer at Black Kite, tells Dark Reading. With a majority of these organizations having Internet-facing assets that are likely rife with vulnerabilities, Dikbiyik says this is low-hanging fruit for threat actors and must be addressed as quickly as possible.

In addition, organizations must address exposed credentials and better secure their Web applications to prevent becoming the next ransomware statistic, he adds.

"Cybersecurity doesn't have to be a barrier to innovation — it can be a growth enabler," Dikbiyik says. "With the right cyber defenses in place, manufacturers can protect their expanding digital operations while continuing to grow without sacrificing safety."