Ransomware’s Threat Grows
EP Editorial Staff | May 1, 2023
By Laura Elan, MxD
Ransomware breaches increased by 13% from 2021 to 2022, more than the increase over the previous five years combined, according to Verizon’s 2022 Data Breach Investigations Report. There were 236 million ransomware attacks globally in the first half of 2022 alone.
The impact of ransomware has been especially hard on the manufacturing sector, which, according to IBM’s X-Force Threat Intelligence Index 2023, is hit with more cyberattacks than any other industry.
“Ransomware attacks strike hard and fast. They are evolving rapidly; they are all-pervasive,” said Lindy Cameron, CEO of Britain’s National Cyber Security Centre, in a June 2022 speech. It’s “the biggest global cyber threat we still face.”
Ransomware accounted for 17% of cyberattacks last year, according to IBM, which previously noted that “ransomware actors, in particular, find manufacturing to be an attractive target, likely due to these organizations’ low tolerance for down time.”
Put simply, ransomware is malicious software, or malware, that locks up resources or data or both. In such an attack, the so-called cyber kidnappers encrypt data and then demand ransom in exchange for a decryption key. Or they take over a network, disabling computer access until they get paid. Often, they ask for compensation in cryptocurrencies.
Ransomware can be unleashed in a company’s network in several ways, including when an employee unknowingly visits a website that is infected with malware. The most common route is through email phishing. Phishing messages and their dangerous links are disguised to look like they came from the boss or large, known and trusted companies.
The costs of these attacks, and the ransom demands, are also on the rise. IBM last year put the global average price of a ransomware attack at $4.54 million, not including the ransom. According to a recent survey, many small- and medium-sized businesses said they would likely not survive such an attack.
Government agencies, including the FBI, discourage payment of ransoms, but two-thirds of firms do pay, according to the 2022 Cyber Readiness Report by insurer Hiscox.
Colonial Pipeline, which was shut down by a ransomware attack in 2021, paid Russian-based cybercriminals $5 million in ransom, the company’s CEO told a Senate committee. U.S. law enforcement officials later said they were able to recover about half of that amount, which Colonial paid in bitcoin.
How can companies combat ransomware? The most important tool, experts say, is training and retraining employees on how to detect and avoid phishing emails. Companies must stress the importance of not clicking on links or responding to emails that look suspicious.
Good email spam filters are also crucial, as they help keep suspicious emails from ever reaching an inbox. These steps become more important as cybercriminals make their emails look more and more authentic.
Additional resources on ways to prevent phishing and ransomware are available in the MxD Cyber Marketplace. MxD’s free Playbook for CMMC 2.0 Level 1 is also designed to help manufacturers and their suppliers prepare to meet the upcoming Department of Defense cybersecurity requirements.