How manufacturers can safeguard against ransomware attacks
A fifth of all ransomware attacks globally are directed at the manufacturing industry. In fact, over the past 12 months, almost half of all UK manufacturing firms were the victim of some form of cyber attack.
So why is manufacturing such a popular target for cyber criminals? Firstly, the sector is hugely profitable – despite the disruption caused by the pandemic and the continuing impacts of significant global headwinds, the sector hit US$44.5trn in 2022, says James Derbyshire, Garrison’s Browser Isolation Expert.
At the same time, the automation and digitisation of the industry has left it particularly vulnerable to attacks. For most firms, everything from supply chain management to the production process is computerised, meaning not only that the threat surface is far greater, but that the potential impact of ransomware could be devastating to the business. If ransomware succeeds in taking operational systems offline, most manufacturers simply couldn’t operate.
The devastating business impact of cyber attacks on manufacturing businesses and their supply chains
Ransomware works by encrypting the data on a device or network so that it is inaccessible to the target organisation. This leaves many organisations with no choice but to pay the ransom to release the data and to get their business up and running again.
But paying the ransom is just one part of the financial hit. Successful attacks often severely limit a firm’s ability to operate, and have potential implications for its supply chain operations too.
Norsk Hydro, one of the world’s largest aluminium producers, was the target of a successful ransomware attack in 2019. This affected the manufacturer’s entire business operations across 40 countries, and it is estimated that this cost the company US$71mn.
What’s more, in addition to financial implications, these attacks also carry reputational risks – almost half (46%) of organisations that experience a cybersecurity breach report a negative impact on their reputation and brand value as a result.
The risk of the web browser
The web browser is the commonplace tool used by employees of all levels to gain access to trusted systems, cloud services, and of course, the wider internet – and it’s here that the risk of ransomware and other cyber attacks looms large.
Ransomware attacks rely on sophisticated social engineering techniques that convince users it is safe to click on a link, leading them to install the malware inadvertently.
And as an employee is usually able to allow almost any website to run a program on their machine, one mistake could cause the web browser to become the gateway for a crippling ransomware attack.
The Norsk Hydro attack was caused by an employee opening an infected email. This shows how a seemingly small and insignificant error can have a huge operational impact and severely affect a business’ bottom line – in this case, costing the company in question tens of millions of dollars.
The limitations of ransomware detection
Traditional security measures simply aren’t working, and the increase in successful ransomware attacks is testament to this. So what’s the problem? The biggest shortcoming is that conventional technologies can’t actually stop the malware from entering a network – all they do is detect it once it has successfully broken past a firm’s security controls. And at this stage, often it’s too late.
Additionally, these tools are only able to defend against known malware, leaving firms unprotected against new, zero-day malware attacks.
Browser Isolation is one solution that is growing in popularity with sensitive government organisations and security-conscious firms across a range of industries. The solution creates an impermeable separation between an employee's device and the internet, meaning that the risk of employees coming into contact with web-based malware is completely removed.
By using an approach called ‘Pixel Pushing’ – which turns the browsed web page into a safe, interactive video stream – employees don’t run the risk of mistakenly clicking on a dangerous link and allowing malware into the business. Although for the employee the experience of going online is exactly the same, for the organisation the picture is very different – all risk of web-based ransomware attacks is removed.
Unlike traditional security tools, Browser Isolation is a web security model that does not rely on detection, but instead assumes that all content is malicious. Even the most benign webpage is isolated from company devices, meaning that an organisation's internal network will never come into contact with web-based malware, including ransomware.
A new approach is needed in the manufacturing sector
Over the past decade, ransomware has come of age – growing in both sophistication and frequency. In 2022, ransomware attacks increased by 80% year-on-year. These attacks are specifically designed to cause as much disruption as possible, thus increasing the likelihood of the company paying the ransom.
The devastating impact of these incidents on manufacturing firms has been proven time and time again. It’s become clear that manufacturing companies need to change their approach to cyber security, to protect their bottom line and their reputation from these crippling attacks.