Many UK manufacturers are still running legacy systems which are extremely vulnerable to ransomware cyber security attacks, such as the recent high-profile WannaCry epidemic which impacted businesses in more than 150 countries.
But with regulations requiring organisations to protect their data, and with the UK’s manufacturing industry more competitive than ever before, the importance of having a robust disaster resilience provision in place has never been more critical.
Tony Mannion, Sales Development Manager at SolutionsPT, examines the security challenges facing manufacturers running legacy systems and looks at how they can protect themselves against potential ransomware attacks, and ensure they are able to recover critical data in the event of one taking place.
The UK’s manufacturing industry is currently more competitive than ever before, with manufacturers racing to reduce costs and increase profitability in order to gain a competitive advantage over their rivals. Although it is widely acknowledged that one of the best ways of doing this is by using the most up-to-date industrial systems, a significant number of manufacturers are still operating legacy control systems which are extremely insecure and leave their systems at risk of suffering disruptive cyber-attacks.
With cyber-attacks increasing 24% globally during the second quarter of 2017 (compared to the first three months), and with manufacturing the industry most frequently targeted by cyber attackers*, the risk to manufacturers has never been higher. So how can manufacturers, especially those still running legacy systems, ensure their operations are safe from the threat of a ransomware attack? And, if one does take place, what can they do to neutralise its impact?
Ransomware has become a big problem for manufacturers. With recent high-profile attacks such as the WannaCry and Petya epidemics – which impacted businesses in more than 150 countries and affected critical infrastructure including airports and government departments – and with other significant challenges including the malware’s ability to spread quickly and force unscheduled downtime, manufacturers can no longer afford to ignore the threat it poses. Indeed, if unplanned downtime does occur, manufacturers risk reductions in productivity and profitability, as well as a loss of reputation and, in some cases, a loss of clients.
Another problem ransomware poses is that attacks are often not targeted, meaning all systems, including legacy systems, unpatched systems and Windows systems, are at risk of infection. Furthermore, if a ransomware attack can infect your systems and your networks suffer from a lack of visibility, knowing what the malware is targeting and what damage it is doing is virtually impossible.
But arguably the biggest threat to manufacturers is the loss of data. As well as being massively disruptive to operations, the loss of key data can carry legal implications with it, as some industries are required to provide information to Government agencies, such as the Environment Agency, and failure to do so can result in substantial fines. Similarly, for manufacturers in regulated industries who are unable to sell their products into certain markets unless they have a complete set of production data, such as the pharmaceutical industry, the loss of data can be catastrophic.
Manufacturers must ensure they are protected against ransomware attacks by having a protective strategy in place which can identify an infection early. Modern Disaster Resilience solutions, such as Proteus by industrial IT solutions provider SolutionsPT, feature algorithms which can identify when an infection begins to affect your system and protect your back-ups, securing your data and allowing you to maintain a safe and speedy recovery position. And, because it has been designed to fit into existing environments, it can be easily retro-fitted, making it particularly effective when it comes to protecting legacy systems.
By detecting the mass changes of files that are the core of a ransomware attack, Proteus enables the recovery of critical data via virtualisation which runs a backup of your machine in isolation from your network and other machines, allowing you to find the infected files and purge them from your system.
A disaster resilience provision also ensures your site is fully operational again as quickly as possible, whilst simultaneously limiting the amount of data that could be lost in the event of a disaster. Backups are taken and tested regularly, before being stored locally and securely offsite, meaning you have a redundancy provision built into your system. Likewise, the virtualisation technology means that those backups can be activated in a virtual environment within minutes of a machine failure, protecting critical OT systems and allowing plants to remain operational whilst a failed machine is replaced. Backups can be undertaken hourly, daily, weekly or monthly, enabling a backup strategy specific for your site and requirements to be developed.
In order to remain safe from cyber-attacks, manufacturers need to develop an architecture that is inherently secure by design, and ensure they have a plan in place to protect them against the threat of multiple types of cyber-attacks. This is a cultural issue and the biggest victory a company can achieve against cyber criminals is for a shift in mind set around the OT environment. A disaster resilience provision should be the cornerstone of every manufacturer’s cyber security strategy, as this will ensure they are still able to function in the event of an attack, even when it is impossible to prevent the attack from occurring in the first place.
Sourced by Tony Mannion, Sales Development Manager at SolutionsPT