Skip to content

Ransomware in Manufacturing: What You Need to Know

MEP National Network Logo
By MEP National Network Sponsored Article

Many manufacturers think they aren’t big enough to be targeted for cyberattacks. Their small size and low public profile may give them a false sense of security. As manufacturing operations become more digitized and cyberattacks more sophisticated, even the smallest firms are potentially vulnerable.

Manufacturing is now the most targeted industry for cyberattacks. It’s not just the big firms getting hit – small businesses account for over half of data breaches. What makes smaller manufacturers easy targets? Staying current with cyberthreats is especially hard for smaller firms that have a lot of other things to worry about. Small firms often put fewer resources into cybersecurity and neglect protecting their systems adequately. They may use older computers that don’t receive security patches or software updates – leaving the whole system more vulnerable to a breach.

Ransomware Attacks are More Sophisticated Than Ever

NST 221818 SME Media IMG1.jpg

One of the biggest cyberthreats to businesses today is ransomware. Ransomware is used by criminals to hold data hostage and demand payment. This constantly changing form of malware sweeps through an entire system, encrypting files and rendering them useless. Ransomware attacks can get out of control quickly. Attackers are growing bolder and using high-pressure tactics to get ransom payments.

Ransomware isn’t new, but the incidents are increasingly disruptive. You may not realize right away that your company’s computers are infected. Often the ransomware is downloaded unintentionally and sits on your system, siphoning information, before encryption is triggered. At that point, your firm’s data is held behind a paywall until you pay a ransom to release it – with no guarantee that you’ll get your data back even if you pay!

While firms used to be able to restore their data from backups, it’s often no longer that simple. With more sophisticated attacks and stealth operations, your backup files may be infected or destroyed before you even know you’re under a ransomware attack.

Breaches often result in privacy violations and public relations issues. If the hackers are from Russia or another sanctioned nation, you may violate laws by paying criminals ransom. You want to do everything you can to avoid this situation.

Employee Awareness and Training Reduces Your Risk

You trust your employees, but studies show they are a vulnerable point in every company’s information security. Create a “human firewall” as your first line of defense. Train your employees about cybersecurity from day one and update that training at least annually.

Make sure your employees are aware of threats, understand your information security policies, and know what they’re expected to do to protect your firm’s information and technology. Provide your employees with guidance on issues like:

  • Acceptable uses of business devices: What can they use business computers and mobile devices for? Can they check personal email on them?
  • What to look for: Make sure your employees know how to recognize suspicious emails and other fraudulent online communication. Use phishing simulation training or interactive games so they have practice.
  • What to do: Make sure employees know what to do if they suspect a cybersecurity incident.

Take a Layered Approach to Your Cybersecurity

Your best bet to prevent ransomware attacks is developing a cybersecurity plan that assumes you have vulnerabilities inside and outside of your networks and firewalls. Key elements of a good plan include:

The evolving ransomware landscape means your firm is at risk if you don’t take the threat seriously. To ramp up your defense against ransomware attacks, consider:

  • Requiring multi-factor authentication: Logging in with a password is no longer enough. Some manufacturers now require employees to authenticate themselves with a six-digit code sent to a mobile device.
  • Limiting access based on roles: Don’t allow any employee to have access to everything. Each employee should only have access to the systems and specific information they need to do their job, such as financial, personnel, inventory or manufacturing systems.
  • Using behavioral-based endpoint detection and response (EDR): Older antivirus software may no longer offer the security you need. Different types of files are involved in cyberattacks that may get past antivirus software. EDR looks at file types, but also at how a workstation engages with the system. For example, EDR would recognize unexpected behavior – which could indicate an attack.
  • Make full backups of important business information: Conduct a full, encrypted backup of the data on each computer and mobile device at least once a month, shortly after a complete virus scan. Be sure to test the success of your backup to confirm operations can be restored. Store these backups away from your office location, disconnected from your networks, in a protected place so that if something happens to your office — such as a fire, flood, tornado or theft — your data is safe. Save a copy of your encryption password or key in a secure location, separate from where your backups are stored.

Review Your Cybersecurity Controls to Protect Your Company’s Assets

Your company benefits from periodically reviewing its operations and supply chain. Similarly, you should hit “refresh” periodically and take a careful look at the strength of your cybersecurity controls and protocols. You want to make sure you’re doing everything you can to prevent breaches, but are also prepared to respond to an attack if it happens. A cybersecurity review helps you identify vulnerabilities and make informed decisions.

NST 221818 SME Media IMG2.jpg

Reducing your cybersecurity vulnerabilities makes your firm a more attractive supplier. Larger companies demand increased visibility in their supply chains. Many encourage or require companies in their supply chain to have cybersecurity measures in place. This helps ensure that the bigger firms’ systems don’t get hacked through their suppliers. It also creates trust that suppliers are reliable and reasonably safe from attack, reducing the likelihood of a supply chain disruption.

Think of it as preventive maintenance. The steps you take to improve your cybersecurity defenses will protect your various assets – equipment, intellectual property and sensitive information about your supply chain partners. Strong cybersecurity is good for your business, so now is a great time to get started. And it’s more vital than ever with increased digitization – you have more vulnerabilities and more to lose. The cost of a breach is likely much more than the cost of prevention.

Your Local MEP Center Can Help You Prevent Ransomware Breaches

No ransomware prevention plan is perfect, so update your cybersecurity plan at least annually. Your local MEP Center is here to help with expertise and access to a variety of cybersecurity tools and resources to meet your needs.

Steve Gillock is Cybersecurity Director at TechSolve, part of the Ohio Manufacturing Extension Partnership and the Manufacturing Extension Partnership National Network.

Joe Anderson is Senior Cybersecurity Analyst at TechSolve, part of the Ohio Manufacturing Extension Partnership and the Manufacturing Extension Partnership National Network.

  • View All Articles
  • Connect With Us
    TwitterFacebookLinkedInYouTube

Related Articles

Always Stay Informed

Receive the latest manufacturing news and technical information by subscribing to our monthly and quarterly magazines, weekly and monthly eNewsletters, and podcast channel.