While the manufacturing sector only made up 18% of all paid ransom cases last year, it accounted for the most ransom paid, with over $6.9m transferred to threat actors in 2019.
In the latest Intel Threat Report by Kivu on ransoms the company paid in 2019, analysis of the payments showed that the manufacturing sector thus represented 62% of the total +US$11m in paid ransoms.
Further analysis of 2019 attacks showed that 67% of paid ransomware attacks against manufacturing clients were conducted via Ryuk, a type of crypto-ransomware that utilizes encryption to block access to a system, file or device until a ransom is paid.
However, while the manufacturing sector made up the largest number in paid ransoms, it was not the hardest hit.
Kivu’s findings showed the healthcare industry to be most frequently hit by ransomware threat actors, making up 27% of the cases in which ransom was paid.
Over the past four years, Kivu has been involved in over 700 ransomware incidents. In 2019, Kivu facilitated ransom payments in 143 cases, paying a total of over US$17m.
This new report focuses on data from 63 of those cases where the industry was identified and recorded, amounting to a total of over US$11m paid in ransom.
A common misconception is that ransomware attackers only target larger corporations and businesses, but Kivu’s findings demonstrate that attackers employ various tactics to target entities of all sizes in many industries.
State municipalities, education bodies, healthcare organizations, manufacturing companies and architecture firms comprise a few of the industries that Kivu assisted with ransomware payments in 2019.
To see the breakdown of how these sectors were impacted by ransomware threat actors in 2019, refer to Kivu’s latest Intel Threat Report – 2019 Paid Ransomware Report.
“This latest report is a testament to the exclusive insight Kivu is able to produce from over 700 ransomware cases and with over four years of work in this area. Evaluating cyber threat trends from ransom payments is something we will continue to do, and we look forward to sharing those findings with our partners going forward,” said Elgan Jones, CIO and Managing Director at Kivu Consulting.
“Our hope is that this report and other research we produce helps to inform insurance carriers’ and law firms’ services to better support their customers in navigating the cyber risk landscape,” he added.
The full report can be accessed here.