Trade organization The National Association of Manufacturers (NAM) cautioned plant operators this month that ransomware attacks against manufacturing targets are increasing and urged facilities to “be on guard” against the threat.
Ransomware incidents disable operations technology until victims pay to restore functionality. NAM said that manufacturers that cannot afford to halt production often pay the ransom.
The use of ransomware attacks “increased significantly in 2021, with criminal groups specifically identifying manufacturers as vulnerable and profitable targets,” the organization said in a recent article. Citing data from industrial cybersecurity firm Dragos, NAM points out that manufacturing made up 65% of all industrial ransomware incidents last year.
Metal components (17%), automotive (8%), and plastics and technology (6%) were the top three manufacturing subsectors targeted by ransomware attacks during 2021.
Many manufacturing operations are currently unprepared for ransomware attacks. Dragos found that 90% of manufacturers have limited visibility into their OT systems and 90% have poor network parameters. More than three-quarters (80%) of operations have external connectivity exposure in their OT systems.
70% of attacks carried out by ransomware groups Conti and Lockbit 2.0 – which accounted for 51% of all ransomware attacks in 2021 – were focused on manufacturing plants last year.
“Ransomware trends are likely to continue shifting as groups reform and reprioritize and as law enforcement pursues them and takes them offline,” said Peter Vescuso, vice president of marketing at Dragos and a member of NAM’s Manufacturing Leadership Council, in the article. “As this evolution continues to evolve, Dragos analysts believe with a high degree of certainty that ransomware will continue to disrupt all industrial operations and OT environments through 2022, in manufacturing and beyond.”