Engineering and manufacturing businesses have been issued a warning by cyber experts at the North East Business Resilience Centre (NEBRC), a non-profit, police-led organisation. The warning comes following a trend in ransomware attacks within the supply chain of engineering and manufacturing firms.
Martin Wilson, Detective Inspector and Head of Student Services at NEBRC, warns,
“We recently helped a manufacturing business that was at risk from a cyber attack, due to a compromised supply chain. This is a trend we are seeing increasingly for businesses in the industry and across all sectors, where criminals find vulnerabilities through a supplier. This can leave all businesses they operate alongside at risk, with long-lasting consequences.
“Businesses should regularly check for weaknesses and should perform additional checks should they suspect a threat within their supply chain. It’s not just employee, business and customer data at risk. There is a very real threat to business finances, whether directly from the attack or in fines and compensation payments. Attacks can also tarnish a brand’s reputation, affecting business performance for years to come.”
Investigating vulnerabilities
Preventing attacks and reducing vulnerabilities is key, and businesses should act fast if they suspect their supply chain has been compromised. One of the best ways to spot holes in your security is to conduct a vulnerability assessment. This involves scanning and reviewing business systems to search for weaknesses such as poorly maintained or configured systems, limited access controls and easy access to sensitive data. It simulates the approach a criminal would take to infiltrate your system and includes an easy-to-understand report explaining the results, including definitions of weaknesses and the associated risks, plus plans and guidance on how to fix and minimise those risks.
Commenting on a recent successful vulnerability assessment, Martin said,
“Our student ethical hackers, under the supervision of industry professionals, recently supported an organisation in the engineering and manufacturing industry. We worked collaboratively with their technology provider to undertake a vulnerability assessment of their server and a review of existing information security policies. The firm was concerned that attacks within their supply chain could reach them and so they wanted to be proactive in their response to prevent further threats.”
This assessment involved checking how the server might be attacked across the internet and looking for any weakness that might have been present on the inside of the organisation's network. It also benchmarked the company’s security policies against the internationally recognised best practices in the ISO27001 series.
Martin adds, “While undertaking the assessment, the team found numerous ports (connections used to exchange information) were open on the server, presenting a possible risk of ransomware attacks. The policy review suggested improvements to the data backup position, another vital defence in the fight against ransomware, as properly configured backups identify the data any organisation cannot do without and ensure that data is copied and stored elsewhere.”
“The firm then worked with its technology provider to close ports that didn’t need to be open and made some changes to its backup solutions, meaning in the event of an attack, the company had readily accessible backups it could revert to. These actions, combined with phishing training delivered virtually by our team, meant that the engineering firm was in a much stronger, more resilient position and is less likely to be the victim of a ransomware attack.”
Finding support to plug skills gaps
Businesses and workers are often aware of password best practices, but few understand that it is often vulnerabilities that are targeted, not organisations per se. Many don’t know what to do if a compromise is suspected. Cyber security can feel daunting and expensive; however, should a threat infiltrate your business, the costs of recovery are much higher than the cost of proactivity.
There’s a network of cyber resilience centres across the UK, such as the NEBRC, which are able to keep costs low for engineering firms and plug skills gaps by subsidising security assessments where possible.
For further information about cyber security for your business check out the NEBRC or find your local centre via the NCRC Group.