Manufacturing and Scientific Industries top ransomware targets in Q3 2024: Arete Reports

By Staff Writer,

Added 10 December 2024

Despite these challenges, both sectors demonstrated notable resilience, with manufacturing standing out as one of the top industries capable of recovering without paying a ransom.

Tata Elxsi and CSIR-NAL forge strategic partnership to drive innovation in advanced air mobility

IMTMA and Ace Micromatic Group forge a five-year strategic partnership

Force Motors Limited secures contract to supply 2,429 ambulances to Uttar Pradesh Government Health Department

Arete's Q3 2024 report reveals that the Manufacturing and Scientific & Technical Services industries were among the most targeted by ransomware groups, accounting for 19.5 per cent and 15.6 per cent of total incidents, respectively. Despite these challenges, both sectors demonstrated notable resilience, with manufacturing standing out as one of the top industries capable of recovering without paying a ransom.

While no single ransomware group explicitly targeted manufacturing, several prominent threat actors—including Play, Akira, Fog, and RansomHub—were linked to attacks on the sector. In contrast, the professional, scientific, & technical services industry experienced significant activity from the BianLian group, which employed email-based tactics leading to comparatively lower ransom demands.

The Healthcare & Social Assistance sector also faced considerable disruption. The Rhysida group exploited fake Microsoft Teams applications to deploy malware, highlighting the continually evolving tactics of cybercriminals.

A notable trend this quarter was Play's focus on high-revenue organisations, with victims averaging $250 million in annual revenue and ransom demands reaching up to $1.5 million. However, Arete's analysis indicates that decisions regarding ransom payments were more strongly influenced by factors such as backup availability and internal recovery capabilities rather than industry type or revenue alone.

"As threat actors evolve their tactics, Arete continues to monitor their activity, analyse trends, and leverage our threat intelligence to better respond to cyber threats," said Geoff Brown, Arete's President and Chief Operating Officer. "Using this unique data, we are dedicated to protecting our clients, informing our partners, and contributing to the shared fight against cyber extortion."

In light of these findings, Arete emphasises the importance of a proactive approach to cybersecurity. This includes investing in advanced threat detection technologies, conducting regular security assessments, and providing employee training to strengthen overall cyber defences.

By staying ahead of evolving threats and preparing for potential incidents, organisations can better protect critical assets and ensure faster recovery from disruptions. Arete advocates for a comprehensive cybersecurity strategy that prioritises both prevention and incident response, safeguarding data and operations in an increasingly interconnected world.