Ransomware Attacks on Manufacturing Surge to Five-Year High in 2023
Ransomware attacks against manufacturing and production organizations reached a five-year peak in 2023, with two-thirds of companies in the sector reporting incidents, according to a Sophos report. Of those targeted, over 60% paid a ransom nearly double the 34% rate in 2022 making manufacturing one of the top-paying industries alongside energy and oil and gas.
Sophos Field CTO John Shier noted that manufacturing firms face higher success rates for attacks due to perceived vulnerabilities, encouraging threat actors to target the sector. The average ransom payment surged 88% to nearly $2.4 million, with 60% of initial demands exceeding $1 million. Recovery costs also climbed, averaging $1.7 million a 55% increase from 2022.
The impact of such attacks was demonstrated by Clorox, which suffered severe operational disruptions and $49 million in recovery expenses following an August 2023 cyberattack. The report, based on a survey of 585 IT and cybersecurity leaders across the Americas, EMEA, and Asia-Pacific, underscores the growing financial and operational risks ransomware poses to the manufacturing sector.
Source: https://www.cybersecuritydive.com/news/ransomware-manufacturing-sector/719020/
The Clorox Company cybersecurity rating report: https://www.rankiteo.com/company/the-clorox-company
"id": "THE1770530370",
"linkid": "the-clorox-company",
"type": "Ransomware",
"date": "6/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Manufacturing/Production',
'name': 'Clorox',
'type': 'Company'}],
'date_publicly_disclosed': '2023',
'description': 'Ransomware attacks against manufacturing and production '
'organizations reached a five-year peak in 2023, with '
'two-thirds of companies in the sector reporting incidents. '
'Over 60% of targeted companies paid a ransom, nearly double '
'the 34% rate in 2022. The average ransom payment surged 88% '
'to nearly $2.4 million, with 60% of initial demands exceeding '
'$1 million. Recovery costs also climbed, averaging $1.7 '
'million. Clorox suffered severe operational disruptions and '
'$49 million in recovery expenses following an August 2023 '
'cyberattack.',
'impact': {'financial_loss': ['$2.4 million (average ransom payment)',
'$1.7 million (average recovery cost)',
'$49 million (Clorox recovery expenses)'],
'operational_impact': 'Severe operational disruptions'},
'motivation': 'Financial gain',
'post_incident_analysis': {'root_causes': 'Perceived vulnerabilities in '
'manufacturing sector'},
'ransomware': {'ransom_demanded': ['>$1 million (60% of cases)',
'Nearly $2.4 million (average)'],
'ransom_paid': '60% of targeted companies'},
'references': [{'source': 'Sophos Report'}],
'title': 'Ransomware Attacks on Manufacturing Surge to Five-Year High in 2023',
'type': 'Ransomware'}