Ransomware has become cybercriminals' new favorite method of profiting from stolen data. A Honda manufacturing facility was recently hit by a ransomware attack that shut down production. How can industrial networks protect themselves against having their production held hostage? Operational Technology and Industrial Networks must integrate their cybersecurity functions.
A new breed of ransomware called Snake is designed to attack Industrial Control and SCADA Systems. When the back-office isn't the only thing affected, but also the manufacturer's production lines... it's enough to raise some eyebrows, to say the least.
As manufacturers continue to be targeted by hackers, part of the problem is the attitude of the CTOs and IT teams who expect their factory’s network security to be inherently covered by providers. You can’t protect what you don’t know is there. Often the manufacturers who fall victim to a breach never realized or mapped out all of the systems and IoT devices intertwined on their networks.
The key is to know your IT environment better than hackers. With a professional network security team that specializes in protecting manufacturing data, a blueprint for endpoint security success is achievable.
Why is manufacturing one of the most targeted industries for cyber attacks? The push for digital transformation is partly to blame. As manufacturers continue to adopt more and more IoT, cloud, and automation, it opens more doors for hackers to penetrate. Also, robotics are susceptible to breach, such as an autonomous welder, which can be hacked remotely whereas it’s outdated human counterpart could not.
Hackers aren’t only interested in holding data ransom for big bucks, but also in stealing Intellectual Property from U.S. companies. It could be a particular product or process that would benefit another country’s economy, making these types of data breaches a significant matter of politics or international relations.
It's not just the juicy trade secrets that hackers would love to exploit, but manufacturers are easy targets with largely exposed networks. This is due to a mindset of prioritizing protecting OT rather than IT. It doesn’t have to be this way. Manufacturers can up their data protection game and prevent DDOS, ransomware, IoT, IIoT, and ICS attacks.
Ransomware is simply the most profitable for hackers, as opposed to fencing stolen data or other schemes. Traditionally, ransomware attacked Windows and Linux IT systems and encrypted files, essentially holding them hostage and only encrypting and releasing the files back to the victim upon receipt of payment. Now, there is a new particularly nasty species of ransomware, such as Snake, which targets industrial control systems (ICS) and SCADA systems. Access can be gained in a variety of ways, such as traditional phishing, but recently hackers have found access through some Remote Desktop Protocol with weak passwords. Can you imagine having your production held hostage? If it can happen to Honda, it can happen to anyone.
If the cost of downtime isn’t motivating enough to turn the most tech-resistant or staunch manufacturing executive’s head towards IT, then one of these reasons should raise an eyebrow:
The question to ask leadership teams, is can you afford not to invest in cybersecurity? Having production shut down for even a short period of time can potentially cost millions in revenue. Not to mention your reputation and brand identity are equally compromised in the event of a data breach. It’s high time to pull out all the stops and make a paradigm shift when it comes to factory IT security.
Don’t be caught investing in smart technology such as IoT only to play dumb about security. Are you ready to take your manufacturing data security more seriously? The industrial and IIoT experts at Emerge IT can keep your data in-house and keep the hacking hijinks out.