Create a free Manufacturing.net account to continue

Report Identifies Hidden Costs, Challenges of Ransomware

Too many are paying, and the reasons range from understandable to infuriating.

Jeff Reinke
Apr 25, 2024
Ransomware

ExtraHop, a leading provider of cloud-native network detection and response (NDR) solutions, recently unveiled their third annual Global Cyber Confidence Index. Generally speaking, the report found that most organizations are struggling to manage and mitigate cyber risks, even as they face a growing number of ransomware attacks and incident-related downtime. Some key findings from the research includes:

  • 88 percent of IT and cybersecurity decision makers said they are confident in their organizations’ ability to manage cyber risk.
  • 22 percent of respondents deemed ransomware the biggest risk to their organization.
  • About half say they are still running at least one insecure network protocol that threat actors are known to exploit in ransomware attacks.
  • 58 percent said they experienced six or more ransomware incidents in 2023 (up 32 percent year-over-year).
  • 91 percent of those who experienced a ransomware attack paid up, compared to 83 percent in 2023 and 72 percent in 2022. On average, the research found ransomware payments alone cost nearly $2.5 million per organization in the last year.
  • Respondents said they averaged 56 hours of downtime following a security incident.
  • The cited barriers restricting effective cyber risk management included immature risk management processes (21 percent), the inability to catch up in a fast-paced industry (18 percent), a lack of alignment between the cybersecurity organization and the business (16 percent), outdated technology (15 percent), insufficient personnel resources (14 percent), and insufficient budgets (13 percent).
  • 38 percent feel using AI and machine learning to help manage and mitigate cyber risk is a top priority for their organization.

ExtraHop also provided Manufacturing.net with some manufacturing-specific data:

  • 58 percent of respondents in this sector experienced more than six ransomware incidents in the last year, and 40 percent experienced 10 or more. Of these repeat victims, 91 percent paid the ransom at least once, with 55 percent paying about half the time. Additionally, while 28 percent said they never paid in 2022, that number shrank to 17 percent last year. Furthermore, 63 percent said they paid between $500K – $1M in ransom in 2023.
  • 32 percent of manufacturers believe Immature cyber risk management processes are the biggest barrier to effectively managing cyber risk.
  • 42 percent are seeking a 10 percent increase in cyber budgets.
  • 17 percent say more than half of cyber incidents are linked to poor cyber hygiene.

I was also able to sit down with Jamie Moles, senior technical manager at ExtraHop to get some additional insight.

Jeff Reinke, editorial director: Respondents cited that they are “falling behind when it comes to identifying and remediating threats.” Why do you think this is still the case?

Jamie Moles, ExtraHop: Our research shows a majority of respondents are confident in their organization’s ability to manage cyber risk, yet they continue to be plagued by ransomware, and admit many cybersecurity incidents are related to poor cyber hygiene practices. This overconfidence and limited ability to build business resilience indicate many organizations are falling behind in both detecting and mitigating threats. And with calls for an increased budget, it’s clear respondents want to make investments to limit exposure to threats.

JR:  When “half say they are still running at least one insecure network protocol that threat actors are known to exploit in ransomware attacks” – does this stem from not knowing how to fix the vulnerability? A lack of tools? Something else?

JM: A lack of visibility into their organization’s network and infrastructure can limit the ability to identify insecure network protocols. The security industry is also impacted by burnout as security teams manage multiple solution dashboards while protecting critical data and infrastructure. Removing insecure network protocols, which is typically the work of network and server teams, simply may not be a top priority for either side of an organization’s IT team, compared to other more critical tasks that need more attention.

JR: The continued increase in the number of companies paying the ransom is alarming. Does this stem from simply wanting to get up and running again? Double-extortion tactics? Not having a response plan in place? A combination of these, or something else?

JM: The uptick in ransomware payments is from a multitude of factors. Some companies might not be paying to decrypt their files so much as to prevent stolen data from being released to the public, while others can see it as the more reasonable economic decision as opposed to the staggering, unrealized costs of post-incident recovery. Once ransomware takes hold of an organization’s data, there is no turning back, and the fact that more than 9 in 10 are paying the ransom signals the need for improved detection capabilities to mitigate these types of cyber risks.

JR: Which of the cited “barriers holding them back from effectively managing cyber risk” do you feel is the most troublesome? The easiest to rectify?

JM: Lack of alignment between the business and cybersecurity is a red flag because it indicates non-security-focused business leaders are not on the same page as their counterparts. Building business resilience requires great cyber hygiene and cooperation across an organization, and without it, businesses will continue to fall victim to ransomware and other cyber incidents. However, as our research shows, nearly 3 in 5 executives are involved in cyber risk governance, and more organizations are on the right path to rectify this barrier.

Read Next
General Cyberattack
Cybersecurity
CISA, FBI Release Secure by Design Alert
May 3, 2024
Latest in Cybersecurity
General Cyberattack
CISA, FBI Release Secure by Design Alert
May 3, 2024
Financial Cyber
Ransomware Report Shows Fewer Incidents, Future Concerns
May 3, 2024
Manufacturing Infrastructure Cyber
CISA Releases Latest ICS Advisories
May 3, 2024
Ep92tn
Security Breach: Predictions That Hit
May 2, 2024
Related Stories
General Cyberattack
Cybersecurity
CISA, FBI Release Secure by Design Alert
Manufacturing Infrastructure Cyber
Cybersecurity
CISA Releases Latest ICS Advisories
Ep92tn
Cybersecurity
Security Breach: Predictions That Hit
Ep90
Cybersecurity
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
More in Cybersecurity
General Cyberattack
Cybersecurity
CISA, FBI Release Secure by Design Alert
The two agencies are urging manufacturers to eliminate directory traversal vulnerabilities.
May 3, 2024
Financial Cyber
Cybersecurity
Ransomware Report Shows Fewer Incidents, Future Concerns
The fear is that larger RaaS groups are exercising greater control over their affiliates.
May 3, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
CISA Releases Latest ICS Advisories
Cisco, Siemens, Honeywell and Mitsubishi systems top the list.
May 3, 2024
Ep92tn
Cybersecurity
Security Breach: Predictions That Hit
A look back at Security Breach guest's most accurate and timely industrial cybersecurity predictions.
May 2, 2024
Andrew Witty, Chief Executive Officer of UnitedHealth Group, testifies at a Senate Finance Committee hearing examining cyber attacks on health care, and the Change Healthcare cyber attack, Wednesday, May 1, 2024, on Capitol Hill in Washington.
Cybersecurity
Change Healthcare Cyberattack Due to Lack of Multifactor Authentication
That's according to UnitedHealth CEO Andrew Witty.
May 1, 2024
I Stock 1311492607
Cybersecurity
ZAG Launches Cybersecurity Series for Food, Agriculture Sectors
Empowering agricultural businesses with the tools necessary to protect their digital infrastructure.
April 29, 2024
Ep90
Cybersecurity
Security Breach: DMZs, Alarm Floods and Prepping for 'What If?'
The new factors impacting a growing attack surface, and how to evolve your cyber risk strategies.
April 25, 2024
Fleet Of Fed Ex Delivery Trucks In A Parking Lot 483290419 4500x3000 (1)
Cybersecurity
Transportation and Logistics Under Siege
A look at how this vital and increasingly targeted market sector is responding to more cyberattacks.
April 24, 2024
Industrial Cyber
Cybersecurity
5G, AI and More Are Changing OT - Why Zero Trust Could Be the Solution
Maximizing technology investments while maintaining security.
April 24, 2024
Manufacturing Infrastructure Cyber
Cybersecurity
Avoiding Shutdowns from Ransomware Attacks
A strategic approach for protecting OT networks.
April 24, 2024
IEC 62443 is a key standard to reduce risk of cyberattacks in industrial workplaces.
Cybersecurity
How to Build a More Secure Connected World with IEC 62443
The goal is better efficiency, improved sustainability and interoperability, enhanced reliability and greater cost-effectiveness for system integrators, product suppliers and other stakeholders.
April 24, 2024
Ap24114558425503
Cybersecurity
UnitedHealth Says Wide Swath of Patient Files May Have Been Taken in Cyberattack
Screen shots containing protected health information or personally identifiable information were posted.
April 24, 2024
Coding
Cybersecurity
CISA Releases 7 ICS Advisories
Unitronics, Rockwell and Mitsubishi head the list.
April 19, 2024
Financial Cyber
Cybersecurity
Alarming Trends Reinforced in Ransomware Attack of Semiconductor Mfr.
Experts assess the fallout from the Dark Angel attack on Nexperia.
April 19, 2024
Industrial Cyber
Cybersecurity
Hexagon, Dragos Announce Partnership
The team-up looks to "revolutionize OT cybersecurity."
April 18, 2024