Why hackers are zeroing in on your manufacturing clients

Online hackers are targeting manufacturers because they’re between a rock and a hard place: Pay up or see operations grind to a halt.

All sectors are susceptible to data breaches, ransomware attacks and phishing, but criminals are narrowing their focus on who is most vulnerable, explained Katherine Keefe, Philadelphia-based head of Beazley Breach Response.

“Who would be the most willing or inclining to pay a ransom if their systems were locked up?” is a question these hackers are asking, Keefe told Canadian Underwriter in an interview.

“And when you talk about a manufacturer that operates their systems electronically with computerized business processes, it doesn’t take much of an attack to grind those processes to a halt through encrypting the data or the system,” she explained.

In a quarterly report from Beazley, the manufacturing sector saw the biggest increase in attacks involving ransomware — up 156% in the first quarter of 2020 compared to the final one of 2019.

So hackers have come to realize that attacking a manufacturing company (not the big guys, but more typically those on the mid- to smaller end of the spectrum) is a good way to go if they want to get paid.  “If their systems are locked to the point where they can’t operate their business, maybe that company in a vulnerable position would be most likely to pay the ransom,” Keefe said.

iStock.com/alengo

“So these hackers are really picking and choosing their victims based on how vulnerable they could be to an attack that would potentially put them out of business.”

Adding to the concern is the fact that there has been a recent change in these attacks. It’s not just a case of ransom, but blackmail, too. “In the past 6-8 weeks, we’re seeing a real influx of extortion where the attacker is saying, ‘We’re not only going to encrypt or have encrypted your data, but we’re going to release it; we’re going to disclose it; we’re going to sell it. We’re going to somehow shame you by selling your corporate secrets, making public your business operations, business plans, trade secrets, architectural plans,’” Keefe said.

“So there’s now a new element to this, which is not just accessing your data, but having it be made publicly available by the attackers.”

Smaller manufacturers on the other end of these attacks may not be as technologically sophisticated, meaning that they don’t have the adequate protections or they haven’t made backups of their systems. Those that have made backups can restore their systems but “some are forced to pay the ransom,” Keefe said.

Beazley’s latest quarterly findings, released last month, showed that incidents involving ransomware were by 25% in 2020 Q1 compared to 2019 Q4. The company reported that the financial services and healthcare sectors were most affected by such attacks, making up half of all reported ransomware attacks in the first three months of 2020.

Featured image by iStock.com/yoh4nn