The ransomware demands hitting design engineers
The continued growth of digital technology, automation and the Internet of Things is helping engineers make their designs more efficient and cost-effective than ever before. Industry leaders, from design through to manufacturing, know that adopting the ‘Industry 4.0’ approach is the only way to continue to compete, so they are using real-time data to gain a competitive edge and boost those all-important margins. However, this marriage of old and new technologies introduces new cyber risk which, if ignored, could put a stop to business altogether.
Don’t run before you can walk
The race to Industry 4.0 has captivated the industry, with nearly half (46%) of engineering and construction company executives saying they have already reached advanced levels of digitisation in product development and engineering, according to PwC.
As industrial equipment gets digitalised, what is happening, essentially, is that more and more previously unconnected things become part of the IT network. Thus, the teams that look after the security of the IT network will suddenly find themselves with a much larger attack surface to protect.
For manufacturing and engineering leaders, defending against cyber-attacks should be high on the agenda. The manufacturing sector in particular has been known to trail other industries in adopting new technologies, and now its aversion to cybersecurity investment leaves it more vulnerable to new types of attacks. One that is a particular concern currently is ransomware, a threat that is becoming increasingly complicated to defend against.
The risk of ransomware
Ransomware is a form of software that, when downloaded, encrypts files and data on the victim’s infrastructure, blocking their usage until a sum of money is paid. For engineering and manufacturing firms this could grind production to a halt, damage customer relationships and incur huge costs. It could also mean intellectual property and design files are lost forever.
It is usually delivered in the form of a simple phishing email, containing a misleading attachment for the victim to open. Once opened, the attachment encrypts the data in the user’s system and lets them know how much money they need to pay to get the decryption key. Recent research from the EEF has shown that 20% of manufacturers don’t make their employees aware of cyber risks in company policies, so it’s easy to see why they are particularly susceptible.
The damage done by ransomware has historically depended on who in the company is targeted. However, more recently we have seen variants of ransomware that have extended their scope beyond the hard drive of a single PC. Instead, they use ‘privileged’ accounts – i.e. those which provide advanced access – on the infected PC to move more widely within the network, to search for business-critical files and make them inaccessible. This means that, by infiltrating just one account, attackers can navigate the entire network to find and deadlock vital files and data, at an even greater cost to the business.
Most anti-malware and anti-ransomware solutions today focus on detecting and blocking malware at the point of inception. These solutions are useful when you know what you’re looking for – but ransomware continues to evolve, with new variants coming out every day. Manufacturing organisations should therefore adopt a multi-layered approach, which employs application control and removes local privileges (i.e. the ability to access more sensitive parts of the network) from regular PCs. This will reduce the surface for attacks and block their progression.
Steps must also be taken to protect the most sensitive files in the organisation. Employing greylisting - an approach that allows unknown applications (i.e. the latest ransomware variant) to execute harmlessly - blocks ransomware from being able to access or encrypt your critical files.
Backing up data is also a simple but crucial tool in the fight against ransomware. With multiple generations of backup - taken from automatically backing up data at various intervals - the system can be wiped and restored in an instant, avoiding the need to pay any ransom. With findings from Trend Micro research indicating that only 45% of infected companies got their data back upon paying the ransom, this is pivotal to keeping operations running.
Manufacturing and engineering companies must undoubtedly embrace Industry 4.0 to stay relevant, but cybersecurity must remain a primary consideration. By dedicating equal time and investment towards protecting their highest value assets through improved cybersecurity, organisations can limit the impact of fast-growing threats - such as ransomware - and ensure their business remains operational at all times.
By Matt Middleton-Leal, Regional Vice-President UK, Ireland and Northern Europe, CyberArk