In 2020 the manufacturing industry saw a three-fold rise in ransomware attacks, with such attacks becoming one of the biggest risks to businesses in this sector. With an average downtime of 2-3 weeks that it usually takes to recover from a ransomware attack, becoming victim to one can seriously damage manufacturers’ trading abilities, causing significant production line delays and immense financial loss.
The manufacturing industry is one that is heavily reliant on technology but not necessarily well-protected when it comes to IT Security, which provides an attractive opportunity to cyber criminals looking for an easy target. In our experience at GoodChoice IT, of all the industries we work in we have certainly found this industry to be at one of the greatest risks of failure due to common security vulnerabilities that expose manufacturers’ systems to ransomware attacks, many of which are preventable with the right cyber security strategy and protection in place.
What Is A Ransomware Attack?
A ransomware attack is when cyber criminals hack into your IT system and steal your companies data and/or adds malware which may cause dysfunction, before demanding a ransom payment, usually in a cryptocurrency, to restore data. An example of one of the biggest and most documented ransomware attack in recent years is the WannaCry attack that was carried out in 2017 to Microsoft operating systems around the world. The WannaCry ransomware attack targetted businesses and IT systems that were running an out-of-date version of Windows without the latest security updates, which allowed easy backdoor entry.
Most notably, WannaCry hit the NHS and affected 70,000 devices, from computers to medical equipment such as MRI scanners and operating theatre equipment. It also hit many other large-scale companies across the world, including FedEx, Telefonica and Deutsche Bahn as well as car manufacturing companies, Nissan and Renault, both of who had to halt production after some of their systems were infected by ransomware, illustrating some of the consequences to manufacturing businesses should they suffer a ransomware attack.
Why Manufacturing Companies Are At Greater Risk Of A Ransomware Attack
Some of the main challenges faced by manufacturing businesses when it comes to preventing ransomware attacks include:
- Lack of understanding of risk
- Lack of device isolation
- Out of date systems and ‘black box’ systems which are a huge security risk but would cost hundreds of thousands of pounds to update
- Customer fines for performance issues
- Poor understanding of how systems work and interact which can expose security vulnerabilities
- Not carrying out cyber security risk assessments
- Loss of data in the event of a ransomware attack
- Dangerous chemicals and heat managed by IT systems
Many of these issues have exposed the manufacturing industry as one of the most vulnerable large scale industries when it comes to cyber security, hence there’s never been a better time for manufacturers to put the necessary IT security precautions in place to prevent paying a higher price later down the line.
How Cyber Criminals Carry Out Ransomware Attacks
There are many ways in which cyber criminals can find a weak entry point into your IT systems and devices to carry out a ransomware attack. Three of the most common ways cyber attacks happen include:
#1 Phishing Scams
Phishing scams target users with links from reputable looking companies, often with very similar URLs that are intended to trick victims into revealing sensitive information such as passwords, which hackers can then use to gain entry into a system. Often a phishing website will be made to look almost identical to the one it is trying to imitate, which to the untrained eye can go completely unnoticed. Phishing scams can also trick victims into clicking a link which can infect devices with malware.
#2 Outdated Software
As in the example of the WannaCry ransomware attack, outdated software can leave backdoors open for hackers and cyber criminals, allowing easy entry into your systems with often costly outcomes.
#3 Lack of Endpoint Protection, Anti-Virus Software and Firewalls
Effective endpoint security protection and anti-virus software for commercial businesses is built to protect companies systems and data by detecting and preventing any attacks in progress, thus without such protection it is often too late to prevent a ransomware attack if a backdoor has been found!
How The Manufacturing Industry Can Minimise Risk
There are many ways to minimise the risk of and in most cases, prevent a ransomware attack. One of the most obvious and highly recommended solutions for manufacturing companies is to employ a reputable and knowledgable cyber security company, who ideally has experience in the manufacturing industry (like Goodchoice IT!), to carry out a full cyber security risk assessment. They will be able to expose vulnerabilities in your system and put the necessary security systems and protection in place to prevent such attacks.
Some of the steps manufacturing businesses can take to minimise the risk and consequences of a ransomware attack include:
#1 Regular Updates: Ensure all IT systems are running supported versions and latest security updates have been installed
#2 Staff Training: Ensure staff have received appropriate training to be able to spot phishing scams
#3 Anti-Virus Protection: Ensure your IT systems are protected by anti-virus software and firewalls
#4 Backup Data: Ensure regular data backups are taken to minimise data loss if the worst were to happen
#5 Two-Factor Authentication: Ensure two-factor authentication is used to prevent hackers gaining access
How Ransomware Attacks Are Becoming More Common
Not only are phishing scams becoming more and more prevalent, but server search engines such as Shodan allow users to search for various different servers and devices, from baby monitors to security systems, allowing cyber criminals to exploit their use and connect to thousands of insecure Industrial control systems (ICS) around the world! Many of these require no passwords or authentication (obviously, you legally must not connect to others’ devices!). With such easy access to systems and devices around the world, it’s unsurprising that ransomware attacks are becoming more and more common.
SCADA systems and devices, which are typically used to control physical processes such as the transportation and transmission of oil and electricity, as well as PCL devices, should obviously not be accessible on the internet as the consequences of any kind of cyber attack or ransomware attack could be catastrophic.
Looking to Upgrade Your Cyber Security Systems?
If you would like a mini or full security audit of your IT risks, then do get in touch with us. Our plain-English IT security summaries can easily be understood and will allow you to manage the rapidly evolving ransomware attack risks into 2022.
We’ve been working in the cyber security and IT security industry for over 20 years, so we’ve seen how ransomware and cyber security attacks have evolved over the past few decades and have prevented thousands of security breaches and cyber attacks for our clients over the years. We hope this guide was helpful and if your business, whether in the manufacturing industry or a different sector, is currently suffering from a ransomware attack, speak to us today and we’ll be able to assist.