A review of five years' worth of proprietary claims data reveals just how vulnerable manufacturers are to cyber attacks and the high cost of disruptions, according to Resilience, which found more than 90% of total incurred losses in its manufacturing portfolio were attributable to ransomware, despite ransomware making up only 12% of claim volume among manufacturers.

In the newly released report, “The State of Cybersecurity in Manufacturing,” the cyber risk analyst identified the key drivers of financial losses based on real claims data and security practices that deliver measurable reductions in financial risk across its manufacturing portfolio.

With manufacturing in its fifth year as the top targeted industry, manufacturers have no choice but to address ransomware risk, especially since attacks increased 61% year over year.

The increase has been attributed to rapidly evolving informational and operational technologies and the dissolving boundaries between the two, as well as cyber thieves' knowledge that the manufacturing industry has little appetite for downtime.

The report found that phishing and transfer fraud accounted for 30% of manufacturing claims, indicating human error remains one of the leading causes of cyber disruption.

Phishing is primarily accomplished via compromised credentials through the use of infostealer malware embedded in emails and through credential phishing sites masked as legitimate login pages.

An estimated 26% of all portfolio losses came from a multi-factor authentication (MFA) misconfiguration as the point of failure.

In fact, the single most expensive event in Resilience’s manufacturing portfolio, attributed to BlackCat, was enabled by misconfigured MFA.

Software vulnerability accounted for 13% of losses.

Wrongful data collection caused 12% of claims, driven primarily by website tracking and pixel-related litigation rather than operational data collection from connected manufacturing systems, but most resulted in zero payout.

Top loss causes:

Ransomware (90%)

Transfer Fraud (4.2%)

Ransomware-vendor (2.2%)

Email compromise (<1%)

Besides the IT/OT convergence threat, legacy systems also pose vulnerability issues for manufacturers because patches may no longer be enough to secure systems. A skills gap, along with a historical underinvestment in cybersecurity, adds to the problem, the report noted.

Manufacturers concerned about lost production time as controls are taken offline to implement security measures may be reassured to learn that there are implementable security controls they can undertake to meaningfully address material risk and harden their defenses against cyber threats.

“Recent high-profile attacks on manufacturers show the vulnerability of the sector to high-dollar ransomware attacks, but those headlines are only half of the story,” said Vishaal “V8” Hariprasad, co-founder and CEO of Resilience. “Our research is focused on equipping security leaders with the knowledge required to better defend their organizations from devastating business interruption and financial loss.”

As threats evolve, the report offers some reassurance that simple adjustments are all that’s needed to strengthen manufacturers’ posture against cyber risk.

“Manufacturers don’t need to reinvent the wheel in the face of a growing threat,” said Jud Dressler, head of the Risk Operations Center (ROC) at Resilience. “Our claims data, coupled with threat intelligence from the ROC, found that by auditing and validating MFA deployment, implementing procedural controls for financial transfers, investing in ransomware containment and response, and instituting other easy-to-implement practices can materially combat risk.”