Manufacturing Represents 62% of all Ransomware Payments

In 2017 Kivu facilitated ransom payments of over $17m for over 143 cases Of this they took 63 of those cases and identified trends that they released in a report detailing what industries where hardest hit and who had the largest payouts.  

Ransomware Attack Myth

It’s a common misconception that ransomware attacks target only big businesses when in reality they target organizations of all shapes and sizes Often going after the small to mid-range business as they don’t have the same budgets or IT personnel to invest in cybersecurity.   

KIVU Ransomware payout report

Picture Paid Ransomware cases

Image courtesy of Kivu Consulting


Part of Kivu’s paid ransom report shows that although manufacturing represented only 18% of the cases, manufacturing paid out 62% of the total sum of all ransom paid between all cases analyzed The highest paid ransom at almost $2m 67% of paid ransomware attacks against manufacturing came from a single variant the Ryuk crypto-ransomware.   


Ransomware Incident Response: Once infected, the victim then has three options:   

  1. Restore from Backup.  Historically this has been doable but, in many cases, business still paid the ransom even when they had viable backups.  Primarily it was cheaper to pay the ransom then go through a logistical nightmare and operational outage to try and recover all the data.  Recovery can take days and sometimes full recovery over a week depending on the backups the business was using. 
    Now in 2020 hacker groups have introduced a growing trend that they are no longer are satisfied with holding data hostage.  There is a strong and swift pivot for hacker groups to not only hold data ransom but to also steal your data to gain more leverage even if you have a backup to restore from.  If their ransom demands aren’t met, they release the data on the dark web which exposes businesses to potential legal, reputational and compliance complications.
  2. Pay the ransom and go through the process of decrypting the data.  (The bad actors don’t make it easy. They give you decryption key and you must go through all the work of recovering your data via decryption tools.   They don’t do it for you.)  The FBI also strongly discourages payment of ransom for with the notion that if businesses didn’t pay, the bad actors wouldn’t do it anymore.  The problem is that ransomware pays extremely well and over 90% of those who get ransomware end up paying out the ransom.  
  3. Don’t pay the ransom and forfeit the data.  You are then at the mercy of the attackers on whether they publish your data on the dark web.   

Average Ransomware Cost to Remediate

Average cost to a ransomware attack image - The State of Ransomware 2020 - Sophos

Better to know your risks and vulnerabilities than to assume everything is OK. Reach Out for a FREE Vulnerability evaluation and we can help assess where you are at and help you build a roadmap for managing modern cyber risks  


Protect Your Business Against Cyberattack

Teknologize has clients throughout the Pacific Northwest with offices located in the Tri-Cities, Washington 509.396.6640 and Bend, Oregon 541.848.6072.

Protect Your Business Against Cyberattack

Subscribe to our blog

Recent Posts