Cybersecurity: Recognizing threats, addressing attacks
Power outages, hurricanes, tornados, floods – all things that can cause manufacturers to lose sleep. But if those traditional crises don’t cause enough sleepless nights, today manufacturers face a whole new array of issues: cyber threats that can suddenly stop and sometimes ruin production.
Consider this scenario: An employee settles into their computerized worksite bright and early one Monday morning, only to be stunned with a terrorizing message on his or her screen: “$600,000 to regain access to your company’s files.”
It is a reality and a part of the Internet of Things (IoT). A dreaded cyberattack can happen anytime – even to the smallest businesses. As FBI computer scientist James Morrison says, “There are two kinds of companies: those who’ve been hit and those who’ve been hit again.”
Intellectual property is being sought after via the internet, and foreign entities are always looking for ways to duplicate proprietary methods manufacturers use, Eric Rieger, President of WebIt services told TMA News Bulletin.
“Any ownership that doesn’t think their company is big enough to be a target of cyber threats is mistaken,” Rieger said.
If a manufacturer is part of a supply chain for a much larger company, and the two share intellectual property via the internet, that supplier can inadvertently provide access to the larger company’s records – and end up devastating the smaller company, Rieger said.
“The bad guys are always looking for the weak link in the supply chain. If companies don’t realize that, they’re not taking the threat as seriously as they need to,“ he said. “The bad guys are putting a bull’s eye on you.”
SEVEN TYPES OF CYBER ATTACKS
Not only do cyber criminals want access to information, they’re also interested in disabling company operations. Hackers are using seven or so methods to intrude, with more being developed, CSOOnline.com reports. Those types include:
1. Malware – Worms, viruses, and trojans are all varieties of malware, which may render the computer or network inoperable, or grant the attacker root access so they can control the system remotely.
2. Phishing – Cyber criminals use crafted emails to fool a target staff member into taking some harmful action.
3. Denial of service – A denial of service attack might send so much traffic to a website or so many requests to a database that it overwhelms those systems’ ability to function, making them unavailable for use.
4. Man in the middle – An example of an MITM attack would be an attacker mimicking a hotel network with a fake website and harvesting information from users.
5. Crypto jacking – Crypto jacking is a specialized attack that involves getting someone else’s computer to do the work of generating crypto currency for another source.
6. SQL injection – SQL injection is a means by which an attacker can exploit a vulnerability to take control of a victim’s database.
7. Zero-day exploits – Zero-days are vulnerabilities in software that have yet to be fixed. The name arises because once a patch is released, each day represents fewer and fewer computers open to attack as users download their security updates.
THE FALLOUT OF A CYBER ATTACK
Another TMA affiliate – Mother G – warns what could happen if an unprotected company’s cyber system is attacked: Rebuilding will be costly and a company’s reputation could be seriously harmed.
“You’re going to dig deeper into your pockets, which will impact your business not just today, but for the future,” Mother G says on their website blog about cybersecurity risks. “How disappointing would it be to have to pause research and development on something that can change your business and industry? What if you couldn’t afford new equipment because of this instance? Or even worse, what if you lose talent because you can’t afford their salary?”
All fair points. But even more could be harmed with neglect, they say.
“Remember the Equifax breach a few years ago? Who can trust them to protect your data when all reports point to simple things, like consistent patching, that could have prevented this problem?” Mother G asks. “Any profession you’re in from medical to manufacturing to construction, you’re controlling your customers’ vital data. You can’t let it fall into the hands of someone else. You need to be protected.”
The FBI lists several tips for dealing with cyber threats, with most of the focus on the importance of prevention:
- Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
- Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Ensure anti-virus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write- access to those files or directories.
6. Disable macro scripts from office files transmitted over e-mail.
7. Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
The FBI also offers these two suggestions for business continuity efforts:
- Back up data regularly and verify the integrity of those backups regularly.
- Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.
Most small and mid-sized manufacturers have limited capacity to in-house IT professionals that can address all those needs. Technology & Manufacturing Association has a list of affiliate members that offer education and advice on cybersecurity attack prevention.
Securing against cyberthreats isn’t a one-time investment, Eric Rieger of WebIt told TMA News Bulletin. His counsel is similar to that which a doctor would give a patient focused on living a healthy lifestyle.
“We get calls from companies that say they need their security and plan to outsource it to us so they don’t have to think about it,” Rieger said. “We at WebIt can protect you to a certain point, but you will need to be involved. This isn’t something to which you can simply throw money. You need to actively participate to secure your own business.”
Welcome to the Internet of Things … and make sure your cyber is secure.
From the Technology & Manufacturing Association’s September/October 2019 edition of their bi-monthly News Bulletin. By Fran Eaton.