The manufacturing industry spent more than any other sector last year on ransomware payments, paying out $6.9m, according to a new study by Kivu Consulting. This represents 62% of the total $11m+ of ransoms transferred to cyber-criminals throughout 2019, despite manufacturing only making up 18% of all paid ransom cases.
Over two-thirds (67%) of paid ransomware attacks against organizations from this industry were conducted via a crypto-ransomware called Ryuk. This uses encryption to block access to a system, file or device until a ransom is paid.
In total, Kivu Consulting said that it had facilitated 143 cases of ransom payments in 2019. Its analysis is based on data from 63 of those cases where the industry was identified and recorded.
The report revealed that healthcare was the sector most frequently hit by ransomware threat actors in 2019, making up 28% of cases in which ransoms were paid out. Healthcare institutions are also known to be facing increasing threats from cyber-criminals during COVID-19, including ransomware attacks.
Another major finding from the study was that ransomware attackers targeted organizations of all sizes rather than just large corporations and businesses, utilizing a range of tactics.
Elgan Jones, CIO and managing director at Kivu Consulting , said: “This latest report is a testament to the exclusive insight Kivu is able to produce from over 700 ransomware cases and with over four years of work in this area. Evaluating cyber-threat trends from ransom payments is something we will continue to do, and we look forward to sharing those findings with our partners going forward.
“Our hope is that this report and other research we produce helps to inform insurance carriers’ and law firms’ services to better support their customers in navigating the cyber-risk landscape.”