Cyber Health

Ransomware Attacks Increasingly Targeting Manufacturers

Ransomware has become a well-known cyber threat over the past several years, with more and more criminal organizations using it to disrupt all types of businesses in the hopes of a quick payday. It is a particularly nasty strain of malware because it encrypts your data and holds it hostage for payment. It can also spread across devices and networks, potentially infecting a company's entire technology infrastructure and causing months of disruption.

The National Association of Manufacturers (NAM) has identified a significant increase in targeted ransomware attacks specifically in the manufacturing sector in 2021, citing some startling statistics:

  • Last year, manufacturing accounted for 65% of industrial ransomware incidents, according to Dragos.
  • The top three manufacturing subsectors targeted by ransomware attacks were metal components (17%), automotive (8%) and plastics/technology (6%).
  • Manufacturers as a group were targeted six times as often as the second leading industrial sector, food and beverage.

What’s worse, the NAM has found that many manufacturers remain unprepared for ransomware attacks, stating that:

  • About 90% of manufacturers have limited visibility into their OT systems, according to Dragos.
  • 90% of manufacturers are also ill-prepared, with poor network perimeters; 80% have external connectivity exposure in their OT systems; and 60% use shared credentials that make it easier for ransomware groups to infiltrate systems.

Check out this article from NAM to learn more.

You can help protect your business from ransomware by ensuring that the following controls and mechanisms are in place:

  1. Ensure that critical business applications (such as ERP systems), IT systems, and machine configurations are backed up in a secure location that is not connected to your network.  Further, ensure that you have tested restoring those backups at least once per year to make sure they will work when you need them.
  2. Ensure that remote access to your network and all computers and machines on it is properly protected by a good password policy, and that multi-factor authentication is required to connect remotely.
  3. Educate your employees on what ransomware is and how to spot bad links and attachments that could lead to an infection.
  4. Ensure you have a proper firewall protecting your network and a spam filter protecting inbound e-mails, and that the policies for both are periodically reviewed and updated as needed.
  5. Employ a managed antivirus/anti-malware tool. These tools have evolved a lot over the past several years. It is critical to have a solution that is supported by a 24/7 Security Operations Center that is constantly monitoring for alerts and incoming threats.
  6. Protect your business financially from disruption with a cyber liability insurance policy.

If you have identified a ransomware attack in your organization, take these immediate steps as soon as possible:

  1. Shut down all infected systems, computers, and network devices immediately.  As a precaution, you may want to shut down network switches and servers as well as unaffected devices until you are sure you are able to isolate the infection.
  2. Notify your entire organization as soon as possible so that users are aware of the threat and can take quick action.
  3. Notify your outsourced IT or managed services provider so they can partner with you on a response plan.
  4. Notify your insurance carrier to start the claim process and get access to response and restoration services.
  5. Notify local law enforcement and file a complaint with the Internet Crime Complaint Center.

 

To view other PMMI CyberHealth content, visit pmmi.org/cyberhealth. Got a more specific question? Email [email protected]. Be sure to also opt in to the CyberHealth e-newsletter to get cybersecurity updates straight to your inbox.