Of all the different industries, businesses in manufacturing and production are the least likely to succumb to the demands of ransomware operators, a new report from cybersecurity company Sophos suggests.
Surveying 5,400 people in IT leadership roles, including 438 in manufacturing and production, Sophos found that less than one five (19 percent) manufacturing firms would pay the ransom demand. At the same time, they were most likely (68 percent) to restore data from backups.
Having a solid backup solution helps in the battle against ransomware, but it also creates a different problem: criminals pivot towards extortion-based ransomware attacks and threaten to leak stolen information online if their demands are not met. According to the report, the manufacturing and production industry was most affected by these types of attacks last year.
In total, more than a third (36 percent) of businesses surveyed were attacked with ransomware last year, with 9 percent of victims hit with extortion-based attacks (up from a global average of seven percent).
“Backups are vital, but they cannot protect against this risk, so manufacturing and production businesses should not rely on them as an anti-extortion defense,” said Chester Wisniewski, Principal Research Scientist at Sophos.
“Organizations need to extend their anti-ransomware defenses by combining technology with human-led threat hunting to neutralize today’s advanced human-led cyberattacks.”
To stay safe, Sophos recommends businesses make frequent backups, deploy layered protection, combine human experts with anti-ransomware tech, and have a ransomware recovery plan in place. And most importantly, companies are advised not to pay the ransom.
- Here's our rundown of the best identity theft companies out there