The murky threat of cybercrime—with its sinister hackers, devious data thieves and foreign troublemakers—might seem like more of a topic for a movie than a machine shop. But cybercriminals do aim at industrial manufacturing targets, and the costs are rising.
A 2018 Cost of Cybercrime report noted rising threats from ransomware, in particular, and cited a single malware attack that ended up costing a company over $2.6 million. Cybercrime costs in the auto industry alone rose to $15.8 million in 2018, a 47 percent increase over the previous year. By 2021, financial damages from cybercrime could well exceed $6 trillion a year, according to the Department of Homeland Security.
There are proactive steps companies can take to avoid becoming cybercrime victims—but they don’t start and end with hiring a hotshot IT person. The crucial factor is leadership. Those at the top of the organization need to take cybersecurity seriously and become the driving force of strategies that will minimize risks.
Why worry?
Industrial operations might not seem to offer rich rewards to hackers, compared with, say, banks or medical facilities. And it’s true that financial services are the most frequent targets of cybercriminals. But industrial manufacturing operations can be compromised in many ways, by a variety of cybercrime attacks. Possible results of vulnerability include:
- Identity theft that affects personal information of employees or customers.
- Loss of productivity—not just with an initial cybersecurity breach, but during the recovery time, which can take weeks.
- Damage to equipment, including the risk of impaired product quality.
- Disruption of supply chains, perhaps from suppliers whose own cybersecurity measures are inadequate.
- Targeted distortion of website content, resulting in misinformation and damage to the company’s reputation.
A Sikich Manufacturing & Distribution report released in June 2019 found that half the companies surveyed had experienced a data breach or cyberattack during the previous year. And that just represents cases in which companies admitted to having been victimized.
Some of the most notable recent cybersecurity breaches have involved banks (such as JP Morgan Chase), retailers (such as Home Depot and Target), health-related organizations (such as large health insurer Anthem) or data-focused firms. Even social media giant Facebook suffered a breach in which more than 540 million records of Facebook users were exposed.
But industrial businesses were not immune. For example, in a case that stretched from November 2017 through October 2018, Titan Manufacturing and Distributing in Memphis, Tennessee, reportedly experienced a computer malware breach that threatened personal and financial information of some of its online customers.
Looking for weak links
From robotics to machine learning to artificial intelligence, technology plays an increasingly important role in manufacturing. Unfortunately, these more complex processes offer many possible targets that cybercriminals can probe for weakness. Factors that can put a company at risk include:
- Falling behind in equipment upgrades to enhance security.
- Using older manufacturing equipment that is not compatible with security measures such as firewalls and antivirus software.
- Relying on a cloud computing server that has inadequate protection against cyberattacks.
- Bringing on new technology/machinery without analyzing and proactively dealing with new risks it might entail.
- Failing to continually assess possible vulnerability in technology already in use, such as robotics.
- Inadequate staff training to alert employees about common cyberthreats, such as spear-phishing and ransomware attacks.
The FBI advises ransomware victims against meeting cybercriminals’ demands—but ransomware has proven profitable enough to become a major threat to all types of organizations. The Department of Homeland Security reported in August 2019 that with many attacks going unreported and many ransoms being paid, the cycle continues to escalate.
A manufacturer that is vulnerable to ransomware attack could face disastrous outcomes that go beyond paralyzed computers and the painful extortion of funds. Consider a scenario in which computer systems control equipment and machinery: If those systems are infected, production could screech to a halt.
A March 2019 ransomware attack on Norway’s Norsk Hydro, a giant producer of aluminum, disrupted production and froze computer systems. Some plants were shut down, while others had to switch to manual operations. Hackers reportedly demanded a ransom to be paid in bitcoin.
In addition to the immediate financial and logistical hazards, a cyberattack can have longer-term impact. According to a survey of executives cited by CNBC in a September 2019 report, nearly half of the executives said that a security incident had hurt their companies’ ability to draw new customers.
Awareness plus action
The complications and costs involved in cybersecurity can be particularly challenging in a modern industrial setting. Leadership needs to respond with awareness and then action. A leader with a big-picture perspective is in the best position to insist on cybersecurity measures to mitigate the risks. Leaders should play a key role not only in implementing cybersecurity strategies, but also in demanding continual scrutiny of measures that are in place.
Effective leadership will include putting the right cybersecurity team in place. These should be people with years of experience managing cybersecurity and companies with the appropriate accreditation. Their tasks will include:
- Assessing areas of operations that may be vulnerable to cyberattack.
- Implementing a system of safeguards and insisting on regular testing.
- Training and educating employees—and executives, too—as a firewall against some of the common weapons used by hackers.
- Completing an incident response plan to serve as a framework for action if an attack does occur.
The good news is that no one has to start from scratch. Resources developed by security experts, including government agencies, can help any company establish a pathway to improved cybersecurity.
For example, the Center for Internet Security suggests six CIS Controls aimed at safeguarding organizations and data. Basically, they focus on inventory, control, management and maintenance of hardware, software and administrative procedures. The Center also outlines best practices for maintaining cybersecurity measures.
Similarly, the NIST Cybersecurity Framework is a widely used system to help organizations assess and reduce their risks. (NIST, the National Institute of Standards and Technology, is within the U.S. Department of Commerce.) It offers assistance on understanding and reducing risks, as well as recovering from cybersecurity breaches.
Thoughtful, proactive leaders will heighten awareness of cybersecurity problems and steer their companies toward workable solutions.
Top-down strategy
In industrial settings, not every problem requires a top-down solution. But many do, and this is especially true when dealing with cybersecurity. Because of the potential for disruption and lost production time—not to mention financial loss—leaders must make cybersecurity a priority.
This will mean taking a hard look at potential vulnerabilities, and putting systems and people in place to mitigate risks. When the boss takes cybersecurity seriously, everyone else will, too.
About the Author:
Kevin Studley is the president of The Network Pro, Inc., a California-based Managed IT and Security company. The Network Pro is recognized as a growth company on the Inc. 5000 fastest growing companies list, a Great Place to Work by the OCBJ, and has placed on the Top 501 Managed Services Providers list for the last seven years. Kevin Studley is an active and long-standing member of Vistage and actively participates in events that promote the business community.