Here we share our expertise, learnings and news


Under how much THREAT is industrial security and how are companies defending themselves?

Nine out of ten companies are affected by cyber-attacks. More than a third of these attacks are carried out by ransomware. (Bitkom Research 2021 / X-Force Threat Intelligence Index, IBM, 2022)

For attackers, manufacturing companies are the most interesting victims today as they are a very lucrative target: availability is the highest asset for these companies – the longer a production stands still, the bigger the loss of revenue. The strong suffering creates a high chance for attackers to quickly obtain ransom.

In this blog, we would like to educate manufacturing companies about the topic of ransomware and provide tips on how to prepare for the worst-case scenario, an attack. Because the question is no longer IF an attack will take place, but WHEN it will take place.

Ransomware …

How do I recognize ransomware?

In order to be able to react immediately with countermeasures in the event of an attack and thus keep the damage to a minimum, it is helpful if you and your employees are able to recognize an attack as such as quickly as possible. To do this, it is important that you and your team know the indicators of an attack.

With the exercise below from one of our cybersecurity trainings, you can playfully learn which activities and changes can come from a ransomware attack. Try to match where the indicators occur – with employees or administrators:

How do I proceed in the event of an attack?

You or your employees have detected an attack. That’s good. But what next?

The VDMA (Verband Deutscher Maschinen- und Anlagenbau) has published an emergency guide to ransomware attacks. The measures in this guide serve 3 core objectives that you should always keep in mind:

  1. damage control
  2. finding and closing the infection vector
  3. setting up the systems and restoring the data

Here is a brief summary of the measures you should take as soon as you have noticed an attack:

You may be thinking: Why all the effort? Who can tell me that the countermeasures will be successful, and production can continue? The measures will incur costs anyway, so why not just pay the ransom?

There are some cons against paying the ransom:

Now you know how to quickly detect an attack and what actions you should take if you were attacked. But it is still best if

  1. an attack does not happen at all or
  2. your company and your employees are so well prepared for an attack that that only very little damage can be done to your production.

We have listed what you can do about this in advance in a white paper.

White Paper

OR you take the initiative now and train your employees in a company-specific training and prepare them practically for the “what-if scenario”.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Don't miss a thing

Subscribe to our newsletter and get the latest news on events, programs and more!

We're committed to your privacy. University4Industry uses the information you provide to us to contact you about our relevant content, projects, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.

More of this topic


Free Checklist

Almost every day, well-known companies find themselves in the headlines because they have been the victim of a cyberattack. For a long time now, security training and the development of measures have no longer been about the question of whether one will be affected, but when and to what extent. However, this does not mean that manufacturing companies should just sit and wait until the time comes. In this paper, we have listed what companies can do in advance to delay attacks and be as resilient as possible to attacks.

Sign up now to learn what you can do ALREADY to prepare best for a possible ransomware attack.

After you filled out the form, you will receive an email from us with the free white paper. Please check your spam folder in case your message got stuck there. Please

Schedule an appointment now

Would you like to learn more about our approach?

Have a conversation with one of our experts
about how we as your partner could support you.

By entering your email address, you will accept our privacy policy and receive a confirmation email. Through this email, you have the chance to subscribe to our regular updates. Without your permission, you will not receive our newsletter.

Jetzt Termin vereinbaren

Sie möchten mehr über unseren Ansatz erfahren?

Sprechen Sie mit einen unserer Expert*innen,
wie wir Sie als Partner am besten unterstützen dürfen.

Wenn Sie Ihre E-Mail-Adresse eingeben, akzeptieren Sie unsere Datenschutzbestimmungen und erhalten eine Bestätigungs-E-Mail. Mit dieser E-Mail haben Sie die Möglichkeit, unsere regelmäßigen Updates zu abonnieren. Ohne Ihre Zustimmung werden Sie unseren Newsletter nicht erhalten.