Ransomware and the IoT
According to the 2019 Official Annual Cybercrime Report, a business falls victim to a ransomware attack every 14 seconds. As manufacturers connect more equipment to the Internet of Things (IoT), ransomware and other security breaches pose a more serious threat to productivity.
From industrial robots in processing plants to connected security systems, the Internet of Things is reshaping manufacturing. Manufacturers now have access to data from a range of network-connected devices, which they can use to make business decisions, improve operations and reduce downtime. According to Gartner, there will be 20.4 billion connected devices in use by 2020 and businesses will account for at least eight billion of these. However, without the necessary security in place, each device represents a potential entry point for malicious attacks.
Held for ransom
The manufacturing industry has become a popular target for ransomware ― malicious software that blocks the user’s access to a computer system or device until a sum of money has been paid. High profile victims include Nissan, Renault and C.E. Niehoff.
Manufacturers feel the true cost of these attacks when production lines come to a halt, and many firms pay out of desperation. In 2019, Norsk Hydro, a global aluminium producer, was the victim of a ransomware attack that hit 22,000 of its computer systems in over 40 different countries. It was estimated that the total recovery cost Norsk Hydro £45 million.
Encrypting ransomware, also known as cryptoware, is the most common type. It finds and encrypts valuable data stored on computer systems and, for manufacturers, this could include data obtained from operational technology like pumps, compressors and motors. It could also be valuable customer data that could lead to serious data breaches if released. Katyusha, for instance, is an encryption trojan that threatens to distribute data for public download if its demands are not met.
While manufacturer’s valuable data will typically be stored in the cloud rather than on the connected device, ransomware attackers can also lock your devices. They could use these physical assets to wreak havoc on a production process until you pay. So, what can manufacturers do to defend themselves?
Although there’s no silver bullet for ransomware attacks, you can take certain steps to avoid security breaches in your IoT system. First, if you use smart devices you should remotely upgrade their firmware as insecure update channels can allow the device to become infected more easily. You can also eliminate malware entry points by encrypting the communication channels that connect your devices.
Manufacturers should protect their IoT systems by having strategies in place to identify infections early on. For example, Proteus Disaster Resilience is designed specifically for operational technology environments and includes algorithms that identify when an infection has entered the network of devices. These can be retrofitted and incorporated into existing systems, so manufacturers can also protect legacy systems.
You should also regularly back up your system and introduce redundancy provisions by storing your data locally and securely away from the site.
Ransomware attacks a business every 14 seconds. Don’t let the next attack be on yours.