The automotive industry is a top-10 target for ransomware, according to a new study.
The rapid adoption of digital technologies has left the industry vulnerable to nefarious digital actors, suggested research from NordLocker, an encrypted cloud firm.
Out of 35 industries, automotive placed eighth in terms of the number of ransomware attacks detected, making it less vulnerable than technology and IT and logistics and transportation but more than municipal services and legal.
The automotive business could be enticing to cybercriminals because of the core processes that make up the industry’s inner workings, according to NordLocker.
Fly D / Unsplash
“The automotive industry has eagerly adopted the digitization and automation of its internal operations, which has rapidly increased the industry’s productivity while at the same time making companies more vulnerable to cyber attacks,” said Oliver Noble, a cybersecurity expert at NordLocker.
He added that automotive companies are at an increased risk of ransomware due to their close partnerships with clients and suppliers, as “getting access to one company’s data could open up avenues for the extortion of several.”
While big companies are lucrative targets, smaller ones are just as exposed for an attack because they’re easier targets.
“Small enterprises usually do not have the same cybersecurity checks in place as larger businesses, making them an easier target for ransomware attacks,” Noble said. “That being said, major companies are still the preferred targets, as their deeper pockets and higher stakes make them more likely to pay up.”
Here are some tips to ensure your business is cyber secure:
Make sure your employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.
Secure your email by training your staff to identify signs of phishing, especially when an email contains attachments and links.
Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.