DIGITAL MANUFACTURING

“ I would say that it ' s fairly rare to have nation states behind ransomware attacks that are for profit ,” says Shier . “ Nation states are generally after information , they ' re not really in it to make money ; they ' re gathering intelligence , state secrets , intellectual property and information about activists .”

Metal manufacturer Aurubis was hit by a cyberattack last year . “ They believe it ’ s a part of a broader attack against the manufacturing sector – and this has impacted some of their IT systems ,” he says . But Shier saw one silver lining : based on the company ' s reporting , the Environmental Protection side of the business was only minimally impacted . “ They were still able to ingest materials and ship materials . If a large manufacturer like that goes down for any length of time , then it has these ripple effects through the supply chain .”

Aurubis is the EU ’ s largest supplier of copper , so a delay in their production could have a fairly large domino effect on the manufacturing sector .

“ Ransomware is a financially motivated crime , with individuals who are a part of an affiliate network .” In such cases , affiliate networks are the creators of the ransomware that provide the actual software doing the encrypting . They also provide other services like payment and negotiation services , as well as dashboards for victim management .

“ There ' s another tool called X matter , which is also a data stealing tool that is being used by several different groups ,” explains Shier . “ It could be a single person that ' s part of this affiliate programme or it could be a bunch of people . You can also be part of more than one such programme . There ' s a whole bunch of these ransomware groups ; as a group or an individual , you can participate in many of these schemes . Generally , they take anywhere from 10-20 %, then the affiliates themselves get the rest of the profit .”

Sophos ' s ‘ State of Ransomware in Manufacturing ’ report Every year , Sophos conducts a global survey about the IT and security industry .

“ We asked 5,600 respondents across 31 countries about what they wanted to find out more about . The answer was ransomware , the one threat that just refuses to go away .”

Sophos found that 55 % of companies in manufacturing were hit in the reporting year of 2021 , versus a global average of 66 %.

“ That ' s good in relative terms , because they ' re below the global average , but over half of the sector is getting hit and attacks appear to be increasing .”

Sophos also asked whether those who were hit by ransomware attacks paid the ransom or not and how much they paid . 33 % paid , versus a global average of 46 %.

JOHN SHIER SENIOR SECURITY ADVISOR , SOPHOS manufacturingdigital . com 69