Manufacturing industry in India most targeted by ransomware attacks: Report

The manufacturing industry is the most targeted sector in India for ransomware extortion. This trend highlights critical vulnerabilities within this sector, which suffers from limited visibility into operational technology (OT) systems, inadequate network monitoring, and suboptimal cyber-hygiene implementation, a new report by security firm Palo Alto has found. 

“In a rapidly transforming country like India, organisations are constantly grappling with a blend of modern and legacy systems, creating huge cybersecurity gaps. And with attackers increasingly targeting software and API vulnerabilities, our findings come as no surprise. Thus, organisations need to move away from point-solutions that increase time to detect/respond and end up being more costly in the long-term,” said Anil Valluri, MD and VP, India and SAARC, Palo Alto Networks.

Manufacturing is a vulnerable sector when it comes to cybersecurity. A study by another security analysis firm Sophos in July 2023 showed similar results. The study, which polled 3,000 IT/cybersecurity leaders in large and mid-sized enterprises, more than two-thirds (68%) of these firms have been hit by ransomware attacks globally and had their data encrypted by hackers. This is the highest reported encryption rate for the sector over the past three years, noted Sophos, indicating that attackers are frequently succeeding in encryption data.

The study also found that the proportion of manufacturing organisations paying higher ransoms has increased since last year. Notably, 40% paid a ransom between $100,000 and $999,999 in 2022 compared to 29% who paid this amount in 2021.

The Palo Alto report cited above also identified that hackers and bad actors are moving away from phishing techniques to trap users. From one-third in 2022, phishing attacks dropped to 17% of all attacks in 2023. This indicates that cybercriminals are moving to more technologically advanced and efficient methods.