Attack rates and recovery costs have both gone up<\/h2>\n
65% of manufacturing and production organizations reported they were hit by ransomware last year. This is a notable increase from the previous two years (56% in 2023 and 55% in 2022) and represents a 41% increase since 2020.<\/p>\n
93% of manufacturing organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack. Of them, 53% of backup compromise attempts were successful.<\/p>\n Additionally, three out of four ransomware attacks on manufacturing organizations (74%) resulted in data encryption, the highest encryption rate for the sector in the last five years. This rate is also higher than the 2024 cross-sector average of 70%.<\/p>\n In 2024, manufacturing organizations reported a mean cost of $1.67M to recover from a ransomware attack, an increase from the $1.08M reported in 2023.<\/p>\n On average, 44% of computers in manufacturing and production are impacted by a ransomware attack. Having your full environment encrypted is extremely rare, with only 4% of organizations reporting that 91% or more of their devices were impacted.<\/p>\n While 58% in manufacturing restored encrypted data using backups, 62% paid the ransom to get data back. The percentage of manufacturing organizations that paid the ransom has almost doubled from our 2023 study when the sector reported one of the lowest ransom payment rates (34%) across all sectors.<\/p>\n A notable change over the last year is the increase in the propensity for victims to use multiple approaches to recover encrypted data (e.g., paying the ransom and using backups). This time around, almost half of manufacturing organizations (45%) that had data encrypted reported using more than one method, more than double the rate reported in 2023 (19%).<\/p>\n 157 manufacturing respondents whose organizations paid the ransom shared the actual sum paid, revealing that the average (median) payment has increased by 167% over the last year, from $450,000 to $1.2M.<\/p>\n While the ransom payment has increased, only 27% of manufacturing victims said that their payment matched the original request. 65% paid less than the original demand, while only 8% paid more.<\/p>\n![\"\"](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/ransomware-rate.png\")
<\/a><\/p>\nDevices impacted in a ransomware attack<\/h2>\n
![\"\"](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/devices-impacted.png\")
<\/a><\/p>\nSix in ten victims now pay the ransom<\/h2>\n
![\"\"](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/data-recovery.png\")
<\/a><\/p>\nRansom payments have soared \u2013 but victims rarely pay the sum demanded<\/h2>\n
![\"\"](\"https:\/\/news.sophos.com\/wp-content\/uploads\/2024\/05\/ransom-payment-pie-chart.png\")
<\/a><\/p>\n