Data extortion ransomware attacks on manufacturing sector up 608% during COVID-19

Manufacturing organizations reported 228 ransomware attacks using data extortion in 2020, making it the 2nd most-targeted industry globally –

The global COVID-19 pandemic has disrupted the cybersecurity landscape, with ransomware seeing some of the largest pivots in attacker strategy, leaving organizations across sectors – including manufacturing – vulnerable.

Data from CrowdStrike Intelligence services reveals a surge in ransomware attacks during the pandemic, with data extortion becoming the most used attack method for all sectors – with 1,430 incidents reported globally in 2020.

The manufacturing sector was one of the most targeted by cybercriminals in 2020 during the COVID-19 pandemic. Even before COVID-19 was officially declared a pandemic, manufacturing was still a notable target for data extortion. The sector received 13 attacks between January and March, the highest out of any industry.

In the first emergency phase of the pandemic in Q2 2020, ransomware attacks on manufacturing organizations using data extortion techniques were up 185% compared to Q1. By Q4 attacks had continued to increase, so much so data extortion incidents were up by an average of 608% compared to pre-pandemic levels.

Overall, there were 228 attacks on the manufacturing sector recorded in 2020, ranking it in 2nd place in the most targeted industries list.

By comparison, the most target sector in 2020 by data extortion ransomware was Industrials & Engineering, recording 229 successful attacks, then Manufacturing (228 attacks), Technology (145), Retail (142) and Healthcare (97):

Although the manufacturing sector may not have been hit the hardest overall, the data suggests it was the hardest hit during the first quarter (before COVID-19 was officially declared a pandemic).

Data has already shown that the sector is particularly prone to paying ransoms to cybercriminals. In fact, $6.9 million was paid out during 2019 alone.

2021 has seen this trend continue – DopplePaymer recently threatened to leak sensitive Kia Motors data from if a ransom of $20 million is not paid.

There has been a notable shift from ransomware infecting machinery with the view to decommission its hardware to encrypting sensitive data files for threat of leaking them to competitors.

From a global perspective, North America recorded the highest levels of ransomware attacks in 2020 using data extortion (947 incidents). This is 177 percent higher than Europe (342 incidents) in second place and 1,313 percent higher than Asia in third place (67 incidents):

It’s clear data extortion has become the most lucrative ransomware method used by cybercriminals worldwide and the COVID-19 pandemic has certainly accelerated this shift.

The data also highlights that manufacturing organizations have become the main targets for ransomware attacks, meaning now, more so than ever, organizations need to invest in and strengthen their cybersecurity defenses with products including cloud-delivered endpoint protection.

To explore the data in full, click here.