• Why IRONSCALES
  • Platform
    Spring '24 Software Release! Check out our new deep image-based detection, GWS capabilities, and more. Explore the new additions
  • Solutions
    Introducing Weekly Demos! Join us for a live walkthrough of our platform and see the difference firsthand. Register Now
  • Learn
    New Report! Osterman Research releases their 2024 findings on Image-based/QR Code Attacks. Read the report
  • Partner
  • Pricing

Ransomware has become a persistent and costly threat in today's digital landscape, affecting organizations across various industries. In this blog post, we will explore the market landscape of ransomware by industry, highlighting its impact in the healthcare, hospitality, mining, transportation, agriculture, pharmaceutical, media & entertainment, and manufacturing sectors. 

Ransomware in Healthcare:

The healthcare industry has become a prime target for ransomware attacks due to its reliance on critical patient data and the potential for disruption in patient care. Consider all the data collected by a typical healthcare provider: names, addresses, social security numbers, symptoms, dates of admission/discharge, passport photos, and cardholder data. All this information is extremely valuable in the wrong hands.

Attackers attempt to gain entry routes into IT systems and lock down computers and servers with malware. Here are some of the most telling statistics.

  • According to IBM's latest data breach report, The cost of a breach in the healthcare industry went up by 42% since 2020.
  • For the 12th year in a row, healthcare had the highest average data breach cost of any industry.
  • The same report said the average cost of a ransomware attack on healthcare organizations was $10.10 million in 2022.
  • A 2022 IC3 report found that  Healthcare and Public Health ranks highest, with IC3 receiving 210 ransomware complaints that indicated organizations belonging to a critical infrastructure sector were victims of a ransomware attack

Recent Ransomware Attacks on Healthcare Organizations.

Ransomware in Hospitality: 

Ransomware poses significant cybersecurity risks for the hospitality industry, which includes hotels, tourism agencies, restaurants, and bars. These businesses interact directly with customers who frequently use credit/debit cards for transactions. Due to the need for collecting sensitive data and proximity to paying customers, the hospitality sector is a prime target for ransomware attacks. 

Hospitality companies heavily rely on digital technologies for crucial operations, such as payment processing, accounting, and reservation systems. Even key-card access to hotel rooms is facilitated through computer-controlled technology.

These digital systems, including POS systems and connected networks, are susceptible to ransomware attacks. Threat actors view hospitality businesses as easy targets to lock down with malware and demand significant ransom payments. Moreover, the hospitality sector is still recovering from the pandemic, with hotels, bars, and restaurants experiencing a sudden decline in customers for several months. A significant breach of customer data, averaging $4.2 million per incident, could push any hospitality company over the edge.

Recent Ransomware Attacks in Hospitality.

Ransomware in Mining:

The mining industry focuses on the extraction of minerals and other elements from Earth. The process in providing minerals to a wide variety of downstream manufacturers and suppliers makes this industry a target for ransomware attacks. 

With many mining operations relying heavily on digital systems and interconnected networks, they face potential disruptions that can have severe consequences. Ransomware attacks can impact critical mining processes, leading to operational downtime, financial losses, and compromised safety measures.

Recent Ransomware Attacks in Mining.

Ransomware in Transportation:

Transportation companies face significant risks from ransomware attacks, which can disrupt services and jeopardize people's well-being. This article explores the vulnerability of the transportation industry to ransomware and examines its current state.

The transportation sector, encompassing aviation, maritime, and ground services, is highly susceptible to ransomware attacks due to the following factors:

  • Interconnected Services: The extensive network of transport services offers numerous potential points of attack for threat actors.
  • Supply Chain Impact: Ransomware incidents in transportation can have cascading effects on supply chains, increasing the likelihood of attackers receiving ransom payments.
  • Societal Importance: The critical role of transportation makes it an attractive target for state-sponsored actors seeking to disrupt another country.

While specific data on ransom demands resulting from successful attacks on transport service providers is limited, recent trends indicate a median ransom amount of $47,008.

Recent Ransomware Attacks in Transportation. 

Ransomware in Agriculture: 

The agriculture industry, encompassing crop cultivation, animal farming, and fishing, plays a crucial role in feeding the growing global population. Consequently, it has become a prime target for ransomware attacks.

Threat actors view ransomware as a lucrative opportunity in agriculture, as it can disrupt food production and disrupt time-sensitive distribution supply chains, leading to substantial payouts. This article provides an overview of the current state of ransomware in agriculture, including recent attacks.

The agriculture sector and its associated industries contributed $1.1 trillion to the US GDP in 2019, accounting for 5.2% of the total share. Recognizing the severity of the threat, the FBI even issued a warning to agricultural companies, urging them to stay vigilant against ransomware attacks and take proactive measures to prevent them.

Recent Ransomware Attacks in Agriculture.

Ransomware in Pharmaceuticals: 

The pharmaceutical industry comprises public and private organizations dedicated to drug research, development, and manufacturing. In 2020, the global pharmaceutical industry was valued at approximately $405 billion, and it is projected to grow annually by over 11% from 2021 to 2028. The pharmaceutical sector has been the most prominent among all industries affected by the COVID-19 pandemic.

Governments worldwide have made substantial investments in vaccine research and manufacturing as well as post-infection treatments. Unfortunately, this increased focus has also led to a rise in cyber attacks targeting pharmaceutical companies. Both common criminals and nation-states seek to steal valuable intellectual property and demand ransom payments.

According to a recent Forbes article, pharmaceutical and biotech companies experience more breaches than any other industry, with 53% attributed to malicious activity, as reported in the 2020 Cost of a Data Breach Report by IBM and the Ponemon Institute. The financial consequences of these breaches continue to escalate.

Recent Ransomware Attacks in Pharmaceuticals.

Ransomware in Media & Entertainment: 

Media and entertainment businesses, including newspapers and TV broadcasters, are highly vulnerable to ransomware attacks. Threat actors believe that these attacks can lead to significant payouts by disrupting customer services and blocking access to crucial data. This article explores the state of ransomware in the industry and highlights recent attacks.

In the US, the media and entertainment sector is valued at $717 billion. A 2018 survey revealed that over half of the companies in this industry experienced three or more cyber attacks within a year. Hackers target these businesses, seeking lucrative opportunities.

A concerning trend is the rise of double extortion attacks, where hackers steal valuable data before encrypting systems. They threaten to release the data on the dark web unless a ransom is paid.

Consider the average cost of producing a major movie, which is $65 million. Hackers understand the value studios place on their content and may target movie studios to access files for upcoming films. Releasing a movie on the dark web prior to its official release would be disastrous, leading studios to consider paying the ransom.

Besides content theft, successful ransomware attacks can cause operational outages, preventing TV broadcasts and newspaper publications. The risks are clear, and the frequency of attacks is increasing.

Recent Ransomware Attacks in Media & Entertainment.

Ransomware in Manufacturing: 

Manufacturers face costly consequences from IT or OT system downtime, making them prime targets for ransomware attacks. Ransomware groups focus on companies likely to pay for system or data recovery.

Smart manufacturing increases the vulnerability to cyber attacks, as internet-connected industrial OT devices control critical assets in plants. Exploiting these devices is a real concern.

Successful ransomware attacks in manufacturing can have far-reaching effects. For instance, an attack on a vaccine manufacturer could disrupt vaccine supplies. Statistics reinforce manufacturers' attractiveness as ransomware targets:

  • Ransomware attacks on manufacturing companies tripled in 2020.
  • Manufacturers are prime targets for double extortion ransomware, where data is stolen before systems are locked down, increasing the incentive to pay.
  • A Dragos study found that 56% of attacks on industrial control systems impacted operations functionality.

Recent Ransomware Attacks in Manufacturing.

How to Prevent Ransomware

Leverage AI and Human Insights with IRONSCALES, a complete solution for protecting your enterprise from advanced phishing attacks. Our platform combines AI and human insights to stop BEC, ATO, and VIP impersonation. Join over 10,000 customers who are safeguarding their organization by:

To learn more about IRONSCALES’ award-winning anti-phishing solution, please sign up for a demo today.

Audian Paxson
Post by Audian Paxson
July 11, 2023