Posted inOpinion

Manufacturing and production industries are facing a 41% increase in ransomware attacks over four years – with no end in sight

A digitally empowered manufacturing landscape requires robust security measures to safeguard against evolving cyber threats.

The manufacturing industry is going through a massive transformation, and it’s exciting to see how quickly advanced technologies are being adopted to improve every aspect of the production process. From factory automation to data analytics, digitisation is at the core of this evolution. This has largely helped in transitioning from traditional, paper-based systems and embracing smart technologies and tools that make everything digital and more efficient. Whether it’s automation, data analytics, virtual reality (VR), augmented reality (AR), cloud-based systems, or digital twins, we’re seeing it all come together. As India moves into Industry 4.0, our manufacturing landscape has reached a critical turning point. In fact, by 2025, over two-thirds of manufacturers here are expected to fully embrace this digital transformation. This is a key component of India’s objective to increase the manufacturing sector’s share of GDP to 25 per cent.

Today, India is on the brink of becoming a global powerhouse in manufacturing. With initiatives like “Make in India,” we’re seeing a clear push to enhance domestic production, attract more foreign investment, and make Indian manufacturing truly competitive on the world stage.

As we move forward, India’s manufacturing base is growing to meet both domestic and global demand, and with that comes a massive boost in job creation. Let’s take the production of the iPhone 16 as an example. It is now being produced in India by women in Tamil Nadu, serving as a powerful symbol of change that is underway. Where we once relied heavily on imports, we’re now not only manufacturing but also exporting air conditioning equipment, with 50 per cent of the value being produced domestically. In addition to this, we have four new compressor plants set up in the country, which clearly indicates that India is well on its way to becoming a major exporter in this sector. This transformation is more about creating jobs, nurturing entrepreneurship, and empowering young men and women across the country.

However, this rapid digital transformation also heightens the risk of cyber threats for businesses. As manufacturers adopt smart devices and interconnected systems, new vulnerabilities emerge, providing cybercriminals with opportunities to exploit these weaknesses. Ransomware attacks, data breaches, and operational disruptions pose significant threats, jeopardising not only financial stability but also the integrity of supply chains.

According to the Sophos State of Ransomware in Manufacturing report for 2024, manufacturing and production industries recorded the highest growth in ransomware incidents, with a 9 per cent increase. Remarkably, 65 per cent of organisations in this sector reported being affected by ransomware last year, up from 56 per cent in 2023 and 55 per cent in 2022, marking a staggering 41 per cent increase since 2020. Alarmingly, six in ten victims opted to pay the ransom; this represents a near doubling of the payment rate compared to our previous study.

The rising number of victims and their challenges in detecting and responding to threats is concerning. Criminals are acutely aware of their success rates in targeting manufacturers, healthcare, and educational institutions. With more than 60 per cent of manufacturing victims choosing to pay a ransom, and the median payment soaring to USD$1.2 million, manufacturers are increasingly viewed as lucrative targets.

To mitigate these risks, organisations must prioritise threat detection and response capabilities. While many companies restored encrypted data using backups, the number of incidents where data remained encrypted indicates a critical need for effective monitoring and proactive threat hunting. A comprehensive defence strategy against these direct attacks necessitates a multifaceted approach that encompasses prevention, detection, and rapid response.

To gain a broader perspective, check out The State of Ransomware in Manufacturing and Production 2024.