East West Manufacturing Blog

Protecting Your Manufacturing Facility and Processes from Cyberattack

Written by Patty Rasmussen | August 08, 2017

Quick question: How prepared is your company for a cyberattack?

In a 2016 survey commissioned by FM Global and conducted by CFO Research Services, 59 percent of the senior financial executives who responded said their operations had been harmed by a cyberattack. Only 24 percent said they were prepared for the attack and its aftermath. Based on what we saw in 2017, their answers were likely the norm.

We have all read the reports of serious infiltrations by hackers into some of the largest and (we assumed) most well-protected companies in the world — FedEx, Honda, Maersk, just to name a few. In May, a ransomware virus (“WannaCry”) spread globally, attacking PCs that weren’t protected with the MS17-010 patch. Just one month later, another, much worse form of malware called “Petya” made the rounds. This time the unfortunate companies that didn’t have a backup lost their data, because the virus didn’t allow the hackers to decrypt the files once the ransom was paid. Industry folks call that a “wiper” rather than true ransomware. And by the way, the IBM-sponsored Cost of Data Breach Study conducted by the Ponemon Institute found that a data breach costs a company in the U.S. $7.3 million, on average.

Of course, we also know that no matter how prepared you are, if your partners, vendors, suppliers or customers experience a significant data breach, it affects you too. According to a story in Supply Chain Dive (SCD), the Petya attack affected several of Maersk’s terminals, causing operations to stop or slow globally. But, said the SCD story, “the impact on freight was not limited to port operations as the world’s largest container carrier’s booking system was also shut down due to the cyberattack. Freight forwarders and shippers, then, were also directly affected.”

That said, what steps can you take to secure your manufacturing facility and processes from a cyberattack?

For starters, don’t rely on air-gapping computers. You're probably not doing this, but just in case...

Air gapping physically, electromagnetically, and electronically isolates a computer, computer system or network from other networks. Air-gapped computers cannot communicate with each other, except by physical devices — a disk, thumb drive, etc. However, this 2014 story from WIRED explains why that’s no longer true.

One expert offered this to-do list if you want to secure air-gapped computers:

  • Keep the machine offsite or in a safeguarded room.
  • Make sure all cables to the machine are properly shielded.
  • Use a USB port blocker to block unused USB slots.
  • Turn off and unplug the machine when not in use.
  • Replace standard drives with solid-state drives (SSD).
  • Encrypt your data.

But really, who isn’t networked? That’s how business is done these days. How should you secure your network from potential attack?

Let’s start with some foundational principles:

Audit your company’s strengths and vulnerabilities.

Where are the natural points of ingress? What sort of data do you have that a hacker might want? Who has access to it? Should you limit that access?

Create a culture of cybersecurity awareness in your company.

The Ponemon study found that 23 percent of data breaches occur due to employee negligence/error. Do your people know who to contact and what initial measures to take in the event of a data breach or attack? Have you conducted cybersecurity training across all divisions? Do you keep your employees up to speed on potential threats and what to look for? Teach your people how to recognize different cyber threats including phishing, malware, spoofing and systems hacking. Make sure they know to speak up if they see something unfamiliar or not quite right.

Implement layers of controls.

Begin with preventive controls, which keep attacks from occurring. Make sure you’ve installed all your operating system’s updates, and that you update regularly. Expand to detective controls, which will alert you to any breaches in your network. Finally, include corrective controls to solve the crisis and mitigate further damage.

Ask your suppliers and partners about their cybersecurity practices.

Make sure any individual or company that can access your data is aware of your cybersecurity protocols and follows them. As far as possible, partner with your suppliers to protect sensitive information or data.

7 Specific Cybersecurity Steps to Take

  1. Back up your data. Create dual backups, especially with critical data. Take full and incremental backups of all network files.
  2. Use strong passwords. All administrators on the network should change passwords frequently, usually every 30 days. Never reuse passwords.
  3. Have a data breach drill. Time is of the essence when you’re dealing with a cyberattack. Teach your employees to respond immediately to instructions for securing their computers and the data that’s on them.
  4. Get the best firewall protection you can, run it and update it regularly.
  5. Use malware detection software on all networked machines and devices. Make sure to update regularly.
  6. Don’t forget to protect all corporate mobile devices, phones or tablets.
  7. Only allow network connection to companies with a secured virtual private network (VPN) and secure RDS access.

I hate to say it, but the hackers are getting better at anticipating our next moves. If cybersecurity is something that's been on your company's back burner, it's time to move it to the front and start cooking.
