Are manufacturers ready for ransomware?

Posted on 27 Oct 2017 by The Manufacturer

Many UK manufacturers are still running legacy systems which are vulnerable to ransomware cyber security attacks, such as the recent WannaCry epidemic which impacted businesses in more than 150 countries.

But with regulations requiring organisations to protect their data, and with the UK’s manufacturing industry more competitive than ever, the importance of having a robust disaster resilience provision in place has never been more critical.

Tony Mannion, sales development manager at SolutionsPT, examines the security challenges facing manufacturers running legacy systems and looks at how they can protect themselves against ransomware attacks, and ensure they are able to recover critical data in the event of one taking place.

Ransomware - Just 31% of manufacturers – fewer than a third – regard cybersecurity as a high priority.
Many manufacturers are still operating legacy control systems which are extremely insecure and liable to leave their systems exposed to disruptive cyber-attacks.

The UK’s manufacturing industry has never been more competitive, with the need to reduce costs and increase profitability forcing manufacturers to fight harder than ever to establish a competitive edge, and one of the most effective ways of doing this is by utilising cutting-edge industrial systems.

Despite this, a significant number of manufacturers are still operating legacy control systems which are extremely insecure and liable to leave their systems exposed to disruptive cyber-attacks.

With cyber-attacks increasing 24% globally during the second quarter of 2017 (compared to the first three months), and with manufacturing now the industry most frequently targeted by cyber attackers, the risk to manufacturers has never been higher.

So, how can manufacturers, particularly those still running legacy systems, ensure their operations are safe from the threat of a ransomware attack? And, if one does take place, what can they do to negate its impact?

Ransomware has become a major problem for manufacturers. With recent high-profile attacks, such as the WannaCry and Petya epidemics which impacted businesses in more than 150 countries and affected critical infrastructure such as airports and banks, and with other key challenges including the malware’s ability to spread quickly and force unscheduled downtime, manufacturers can no longer afford to ignore the threat it poses.

Indeed, if unplanned downtime does take place, manufacturers risk reductions in both productivity and profitability, as well as a loss of reputation and, potentially, a loss of clients.

Another problem posed by ransomware is that many attacks aren’t targeted, meaning all systems, including unpatched systems, Windows systems and the aforementioned legacy systems, are vulnerable to infection.

Similarly, if a ransomware attack can infect your systems, for networks which suffer from a lack of visibility, knowing what the malware is targeting and what damage it is doing is almost impossible.

SolutionsPT will be exhibiting at Smart Factory Expo – 15 & 16 November, Liverpool

The UK’s largest standalone 4IR expo coincides with the government’s much anticipated Industrial Strategy, and features:

  • Dedicated Exhibition Zones – Industrial Automation, Digital Transformation, Smart Factories, Industrial Internet
  • Free conference content – 96 presentations from world-class manufacturers and technology experts over two days
  • Innovation Alley – lifting the lid on the UK’s manufacturing tech start-up scene
  • Hack & Pitch – real engineers, tackling real problems, in real time!
  • Factory Tours – get behind the scenes and see 4IR in action
  • STEM in Focus – engaging with local students to spark their interest in industry
  • Women in Manufacturing – a high-level debate from those on the frontline

Register your FREE place today – www.tmsmartfactoryexpo.com/register-smartexpo

But perhaps the biggest threat to manufacturers lies in the loss of data. This is a huge issue for manufacturers because, as well as being disruptive to operations, the loss of key data often carries with it legal implications, as some industries are required to provide information to government agencies and failure to do so will result in substantial fines.

Likewise, for manufacturers in regulated industries who are unable to sell their products into certain markets unless they have a complete set of production data, such as the pharmaceutical industry, the loss of data can be catastrophic.

Manufacturers need to ensure they are protected against ransomware attacks by having a protective strategy in place which can identify an infection early.

Modern Disaster Resilience solutions, such as Proteus by industrial IT solutions provider SolutionsPT, feature algorithms which can identify when an infection begins to affect your system and protect your back-ups, securing your data and allowing you to maintain a safe and speedy recovery position.

And, because it has been designed to fit into existing environments, it can be easily retro-fitted, making it ideal for protecting legacy systems.

By detecting the mass changes of files that are the core of a ransomware attack, Proteus enables the recovery of critical data via virtualisation which runs a backup of your machine in isolation from your network and other machines, allowing you to find the infected files and purge them from your system.

A disaster resilience provision also ensures your site is fully operational again as quickly as possible, whilst also limiting the amount of data that could be lost in the event of a disaster. Backups are taken and tested regularly, before being stored locally and securely offsite, meaning you have a redundancy provision built into your system.

Furthermore, the virtualisation technology means that those backups can be activated in a virtual environment within minutes of a machine failure, protecting critical OT systems and allowing plants to remain operational whilst a failed machine is replaced. Backups can be undertaken hourly, daily, weekly or monthly, enabling a backup strategy specific for your requirements to be developed.

In order to remain safe from cyber-attacks, manufacturers need to develop an architecture that is inherently secure by design, and ensure they have a plan in place to protect them against the threat of multiple types of cyber-attacks.

This is a cultural issue and the biggest victory a company can achieve against cyber criminals is for a shift in mind set around the OT environment. A disaster resilience provision should be the cornerstone of every manufacturer’s cyber security strategy, as this will ensure they are still able to function in the event of an attack, even when it is impossible to prevent it from occurring in the first place.

To discover the ways your organisation can implement a more robust cyber security strategy, register to attend SolutionsPT’s upcoming OT Cyber Security events here.