(Click here to view article in digital edition)
But with regulations requiring organisations to protect their data, and with the UK’s manufacturing industry more competitive than ever before, the importance of having a robust disaster resilience provision in place has never been more important.
Tony Mannion, Sales Development Manager at SolutionsPT, examines the security challenges facing manufacturers running legacy systems and looks at how they can protect themselves against potential ransomware attacks, and ensure they are able to recover critical data in the event of one taking place.
The UK’s manufacturing industry is currently more competitive than ever, with manufacturers fighting hard to gain the upper hand on their competitors by attempting to reduce costs and increase profitability. Although it is well known that one of the most effective ways manufacturers can do this is by taking advantage of the most cutting edge industrial systems available, many are still operating extremely insecure legacy control systems which are liable to leave their systems exposed to disruptive cyber-attacks.
With manufacturing now the most likely industry to be targeted by cyber attackers, and with the number of cyber-attacks increasing by 24% globally during the second quarter of 2017 (compared to the first quarter), the threats facing manufacturers have never been more serious. But being aware of the problem is only half the battle and the question remains – how can manufacturers protect their operations against a ransomware attack? And, if an attack does take place, what can be done to negate its impact?
Recent high-profile ransomware attacks, such as the Petya and WannaCry epidemics, have disrupted businesses across the world and showcased the malware’s ability to spread quickly and force unscheduled downtime. With unplanned downtime frequently causing reductions in productivity and profitability, manufacturers have realised that the threat posed by ransomware is one they can no longer afford to ignore.
Another problem associated with ransomware is that many attacks are not targeted, which means that all systems, including legacy systems, unpatched systems and Windows systems, are vulnerable to infection. Furthermore, if your systems are at risk of suffering a ransomware attack and your networks suffer from a lack of visibility, knowing what the malware is targeting and what damage it is doing is virtually impossible.
However, the biggest threat to manufacturers lies in the loss of data. This is a huge issue for manufacturers as the loss of key data often carries with it significant legal implications – certain industries are required to provide information to Government agencies, with failure to do so resulting in substantial fines. For manufacturers operating in regulated industries, who are unable to sell their products into certain markets unless they have a complete set of production data, such as the pharmaceutical industry, the loss of data can be catastrophic.
Manufacturers need to ensure they are protected against ransomware attacks by having a protective strategy in place which can identify an infection as early as possible. Modern Disaster Resilience solutions, such as Proteus by industrial IT solutions provider SolutionsPT, feature algorithms which can identify when an infection begins to affect your system and protect your back-ups, securing your data and allowing you to maintain a safe and speedy recovery position. And, because it has been designed to fit into existing environments, it can be easily retro-fitted, making it especially good at protecting legacy systems.
By detecting the mass changes of files that are the core of a ransomware attack, Proteus enables the recovery of critical data via virtualisation which runs a backup of your machine in isolation from your network and other machines, allowing you to find the infected files and then purge them from your system.
A disaster resilience provision also ensures your site is fully operational again as quickly as possible, whilst also limiting the amount of data that could be lost in the event of a disaster. Backups are taken and tested regularly, before being stored locally and securely offsite, meaning you have a redundancy provision built into your system. Furthermore, the virtualisation technology means that those backups can be activated in a virtual environment within minutes of a machine failure, protecting critical OT systems and allowing plants to remain operational whilst a failed machine is replaced. Backups can be undertaken hourly, daily, weekly or monthly, enabling a backup strategy specific for your site and requirements to be developed.
In order to remain safe from cyber-attacks, manufacturers need to develop an architecture that is inherently secure by design, and ensure they have a plan in place to protect them against the threat of multiple types of cyber-attacks. This is a cultural issue and the biggest victory a company can achieve against cyber criminals is for a shift in mind set around the OT environment. A disaster resilience provision should be the cornerstone of every manufacturer’s cyber security strategy, as this will ensure they are still able to function in the event of an attack, even when it is impossible to prevent the attack from occurring in the first place.
About the author:
Tony Mannion, Industrial IT Divisional Manager at SolutionsPT, joined in June 2002 bringing over 15 years sales experience. After a number of years running the Internal Sales team, Tony became Regional Sales Manager spending 4 years working with both End User and System Integrators based in the North West of England. After a further two years as Northern Area Manager Tony became the group Sales Manager, a role that he held for 8 years. Tony’s current role is as Sales Development Manager.
Print this page | E-mail this page
Discover the future of engineering today
Download a copy of our digital magazine