Key points
Many UK manufacturers are still running legacy systems which are extremely vulnerable to ransomware cyber security attacks, such as the recent high-profile WannaCry epidemic which impacted businesses in more than 150 countries.
But with regulations requiring organisations to protect their data, and with the UK’s manufacturing industry more competitive than ever before, the importance of having a robust disaster resilience provision in place has never been more critical.
Tony Mannion, Sales Development Manager at SolutionsPT, examines the security challenges facing manufacturers running legacy systems and looks at how they can protect themselves against potential ransomware attacks, and ensure they are able to recover critical data in the event of one taking place.
It’s no secret that the UK’s manufacturing industry is currently more competitive than ever, with the need to increase profitability while simultaneously reducing costs forcing manufacturers to fight even harder than usual in order to establish a competitive advantage, and one of the most effective ways of doing this is by ensuring that they are using the most cutting edge industrial systems.
Despite this, however, a significant number of manufacturers are still operating extremely insecure legacy control systems which are liable to leave their systems exposed to disruptive cyber-attacks.
Compared to the first three months of the year, cyber-attacks increased by 24% globally during the second quarter of 2017. Combine that with the fact that the manufacturing industry is now the industry most frequently targeted by cyber attackers* and it becomes clear that the risk to manufacturers has never been greater.
So how can manufacturers, particularly those still running legacy systems, ensure their operations are safe from the threat of a ransomware attack? And, if one does take place, what can they do to minimise its impact?
Ransomware has become a major problem for manufacturers….
With recent high-profile attacks, such as the Petya and WannaCry epidemics which disrupted businesses in more than 150 countries and affected critical infrastructure including banks, airports and government departments, and with other key challenges including the malware’s ability to spread quickly and force unscheduled downtime, manufacturers are no longer in a position where they can afford to ignore the threat it poses.
Indeed, if unplanned downtime does take place, manufacturers risk significant reductions in both productivity and profitability, as well as a loss of reputation and, possibly, a loss of clients.
All systems are vulnerable to infection
Another problem associated with ransomware is that many attacks are not targeted, so all systems, whether they be unpatched systems, Windows systems or the aforementioned legacy systems, are vulnerable to infection.
Similarly, if a ransomware attack can infect your systems, for networks which suffer from a lack of visibility, knowing what the malware is targeting and what damage it is doing is nigh on impossible.
But perhaps the biggest threat to manufacturers lies in the loss of data. This is a major issue for manufacturers because, as well as being massively disruptive to operations, the loss of key data often carries with it legal implications, as some industries are required to provide information to Government agencies, such as the Environment Agency, and failure to do so will result in substantial fines.
Likewise, for manufacturers in regulated industries who are unable to sell their products into certain markets unless they have a complete set of production data, such as the pharmaceutical industry, the loss of data can be catastrophic.
Protect against ransomware attacks with a protective strategy
Manufacturers need to ensure they are protected against ransomware attacks by putting a protective strategy in place which can identify an infection early.
Modern Disaster Resilience solutions, such as Proteus by industrial IT solutions provider SolutionsPT, feature algorithms which can identify when an infection begins to affect your system and protect your back-ups, securing your data and allowing you to maintain a safe and speedy recovery position.
And, because it has been designed to fit into existing environments, it can be easily retro-fitted, making it especially good at protecting legacy systems.
By detecting the mass changes of files that are at the core of a ransomware attack, for example Proteus enables the recovery of critical data via virtualisation which runs a backup of your machine in isolation from your network and other machines, allowing you to find the infected files and then purge them from your system.
Disaster resilience provision
A disaster resilience provision also ensures your site is fully operational again as quickly as possible, whilst also limiting the amount of data that could be lost in the event of a disaster. Backups are taken and tested regularly, before being stored locally and securely offsite, meaning you have a redundancy provision built into your system.
Furthermore, the virtualisation technology means that those backups can be activated in a virtual environment within minutes of a machine failure, protecting critical OT systems and allowing plants to remain operational whilst a failed machine is replaced.
Backups can be undertaken hourly, daily, weekly or monthly, enabling a backup strategy specific for your site and requirements to be developed.
In order to remain safe from cyber-attacks, manufacturers need to develop an architecture that is inherently secure by design, and ensure they have a plan in place to protect them against the threat of multiple types of cyber-attacks.
This is a cultural issue and the biggest victory a company can achieve against cyber criminals is for a shift in mind set around the OT environment to take place.
A disaster resilience provision should be the cornerstone of every manufacturer’s cyber security strategy, as this will ensure they are still able to function in the event of an attack, even when it is impossible to prevent the attack from occurring in the first place.
* www.computerweekly.com/news/450424302/Manufacturing-a- key-target- for-cyber-attacks
