[Exclusive] 70% of Ransomware Hacking Reports Involve SMEs...Manufacturing Sector Is the Primary Target

Ransomware (Image=Getty Images Bank)

Ransomware hacking incidents in South Korea have been found to be concentrated among small and medium-sized enterprises (SMEs). Recently, Kyowon Group suffered a ransomware attack that affected approximately 600 servers and put 9.6 million users at risk of data leaks. Amid this, experts point out that SMEs, which lack specialized security personnel and sufficient budgets, are becoming "easy prey" for hackers.

According to "Status of Ransomware Reports in the Private Sector," obtained by The Asia Business Daily on the 26th through the office of Assemblywoman Lee Haemin of the National Assembly's Science, ICT, Broadcasting, and Communications Committee, SMEs have accounted for more than 70% of ransomware incident reports for the past five consecutive years. Of the 274 ransomware cases reported last year, 194 cases (70.8%) involved SMEs, while 72 cases involved mid-sized companies and only 8 cases involved large corporations. This means that, for several years, more than 7 out of every 10 reported ransomware incidents have occurred at SMEs.

Ransomware is a type of malicious code used in crimes in which a company's internal files and systems are encrypted, making normal work impossible, and money is demanded in exchange for restoring access. It is one of the most frequent types of hacking attacks and is considered to have a significant impact on companies. Recently, the threat has intensified with the addition of "double extortion" tactics, in which hackers not only encrypt data but also exfiltrate sensitive information and threaten to release it publicly.

By industry, the manufacturing sector has emerged as the primary target of ransomware attacks. Over the past five years, about 2 out of every 5 reported ransomware incidents have occurred in manufacturing. If key information such as design blueprints and production data is stolen from manufacturers, the company's competitiveness can be severely damaged, and if production lines are halted, it can lead to immediate revenue losses. From the hacker's perspective, this is an industry where the likelihood of receiving a ransom is high.

The security industry points out that these statistics reveal the structural vulnerabilities of the security environment among South Korean companies. Lee Hyungtaek, head of the Korea Ransomware Response Center, explained, "Compared to large corporations, SMEs have limited security personnel and budgets, and their defenses are relatively weak, making them easy targets for attackers. This is why, even as damages are repeated, it is difficult for the overall structure to change significantly."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.