Strategy to help manufacturers defend against the growing threat of ransomware attacks by cyber criminals is discussed by Florian Malecki, Executive Vice President of Marketing, Arcserve.
Maintaining, supporting and protecting critical manufacturing processes is vital for the proper functioning of our society and economy. It is almost impossible to imagine life without the robust and continuous production of essential products, from automobiles and chemicals to clothing and electronics.
While many of us take this provision for granted, cyber attackers understand how dependent we are on them, and they are always looking for an opportunity to strike.
Critical manufacturing is vulnerable precisely because it is so important. The bad guys know there is a lot at stake if they disrupt these operations. They know they have a chance to make a quick profit because the costs and labour associated with manually recovering from something like a ransomware attack are so high that the victims often pay the ransom to maintain service continuity.
A high profile example was last year’s Colonial Pipeline ransomware attack which took down the largest fuel pipeline in the USA and caused temporary fuel shortages. It was later revealed that the company paid the hackers nearly $5 million in ransom just a day after discovering malware on its systems.
A problem that is getting worse
The reality is that critical manufacturing is getting hit by increasingly frequent ransomware attacks. Why? Because while ransomware has evolved and attacks have accelerated, spending on modernisation for manufacturing IT systems has failed to keep pace.
The manufacturing industry broadly relies on tried-and-true IT security technologies that worked in the past but are getting long in the tooth. Indeed, many companies continue to use outdated hardware, software and networks vulnerable to today’s persistent threats.
Add to this the rapid shift to virtual operations in the wake of the Covid-19 pandemic. Organisations create, share and access data from remote locations on less secure networks, and hackers have pounced. Cyber security company Bitdefender reports that ransomware attacks jumped an eye-watering 485% in 2020, and many of the targets are in manufacturing.
There is even a new trend known as ransomware as a service (RaaS). This subscription-based model enables virtually anyone to use already developed ransomware tools to launch attacks. The developers of the malware line their pockets by taking a percentage of each ransom payment received.
Overall, the cybercrime problem is now immense, with damages totalling an estimated $6 trillion a year. Put all the cyber criminals in one place and make them a nation, and they would have the world’s third largest economy after the USA and China.
3-2-1-1 data protection strategy provides defence
All manufacturers must improve their efforts to identify, deter, protect against, detect and respond to these actions and actors. So what can the sector do to defend itself?
One of the first steps it should take is to adopt the ‘3-2-1-1’ data protection strategy. This strategy directs that you have three backup copies of your data on two different media, such as disk and tape, with one of those copies located offsite for disaster recovery. The final ‘one’ in this equation is immutable object storage.
Immutable object storage safeguards information continuously by taking snapshots of it every 90 seconds. Even if disaster strikes, you can quickly recover your data. Immutable snapshots are readonly versions of metadata for data and files.
These snapshots provide point-in-time data recovery. They enable you to roll back to a previous file state and they cannot be altered, overwritten or deleted, so they safeguard data integrity from loss due to human error, hardware failure or ransomware attack.
With immutable snapshots, manufacturers could better safeguard workflow, production and processing information and protect data from accidental deletion or cyber theft. Manufacturers, for their part, could ensure the smooth and uninterrupted delivery of goods, even during a disaster or ransomware attack.
Critical manufacturing processes can be kept up and running with the right cyber security strategy and ultimately withstand the worst that cyber criminals can throw at them.