Ransomware attacks on manufacturing companies have caused an estimated $17bn in downtime since 2018. According to new figures by Comparitech, these incidents have disrupted operations at 858 manufacturers worldwide, with each day of downtime costing an average of $1.9m.
This significant financial impact stems from the widespread disruption of ransomware attacks. Beyond halting production, they jeopardize customer orders, damage relationships and lead to prolonged recovery efforts.
Resurgence of Attacks in 2023
The data published by Comparitech today highlighted a resurgence in ransomware attacks in 2023, with 194 confirmed cases compared to 109 in 2022.
The manufacturing sector, in particular, saw a dramatic rise in data theft, as attackers breached 43.9 million records in 2023 – over 40 times more than in 2022. Notable breaches include VF Corporation (35.5 million records) and PharMerica (5.8 million records).
Read more on the PharMerica breach: PharMerica Breach Hits Over 5.8 Million Customers
Despite this, ransom payment disclosures remain rare. Among 858 cases, only eight companies confirmed payments. Boeing notably refused to pay a $200m ransom in 2023, resulting in the public release of 43 GB of data.
The Cost of Downtime and Ransom Demands
The average downtime per attack is 11.6 days, though incidents range from hours to 129 days. Using the $1.9m daily downtime figure, researchers estimated that ransomware-induced downtime costs manufacturing companies billions annually. Notable recovery costs include:
-
Demant (2019): $95m in recovery expenses
-
Taiwan Semiconductor Manufacturing Company (2018): $85m in losses from a three-day shutdown
-
WestRock (2021): $79m in damages, including $50 million from lost production
The average ransom demanded of manufacturers since 2018 is $10.7m, with amounts ranging from $5,000 to $200m. LockBit, the ransomware strain responsible for the Boeing attack, has been a dominant player in recent years.
Sectors like transportation/automotive manufacturing (130 attacks) and food/beverage production (124 attacks) have been among the hardest hit.
Growing Threat in 2024
As of October 2024, 137 attacks have been confirmed during the year, with downtime averaging 11 days per incident. While the year is still unfolding, experts predict ransomware attacks could rival or surpass 2023 levels.
Ransomware attacks have exacted a staggering toll on the manufacturing industry, as evidenced by the downtime losses reported since 2018. This underscores the urgent need for companies to enhance cybersecurity and adopt strategies that minimize operational disruption in the event of an attack.