Hackers aren’t just targeting banks and credit card companies anymore. They’ve harmed hospitals with ransomware, a type of malicious software that’s designed to block access to a computer system until a sum of money is paid. Now, factories are on hacker hit-lists, too. Most cyberattacks are aimed at larger companies, but that doesn’t mean small-to-medium firms can neglect data security. How much do you know about ransomware, Trojans, and worms? More importantly, how will you defend against them?
Ransomware and Trojan Horse Programs
According to Fortinet, an American multinational that provides enterprise-level firewalls, hackers launched 8.63 million cyberattacks against 59 manufacturers from October 1, 2015 to April 30, 2016. The attacks were globally dispersed, but the FBI is especially concerned about the threat that ransomware poses to U.S. companies. Of the 8.63 million cyberattacks reported by Fortinet, nearly 30% were from a ransom-ware Trojan called Nemucod.
For manufacturers, it’s important to understand how Trojan horse programs work. In the classic story about the Trojan War, the ancient Greeks gave a giant wooden horse to their enemies, the Trojans, as a peace offering. Greek soldiers hid inside the horse and, once inside Troy’s city walls, stealthily exited the horse and attacked. Trojan horse programs work in a similar way. Manufacturing employees may think that a downloadable program is benign, but letting it past a corporate firewall can have devastating consequences.
Worms and Patches
Manufacturers need to worry about worms, too. These standalone computer programs are a type of malware that replicates in order to spread to other computers. Unlike a virus, however, a worm doesn’t need to hide inside of an existing program. Instead, a worm can exploit other security failures. Often, worms target vulnerabilities that are protected by software patches that exist, but that users (such as manufacturers) haven’t installed. That’s why companies with small or non-existent IT departments are especially at risk.
During the 6-month period in Fortinet’s Cyber Threat Assessment Program (CTAP) report, a Microsoft DNS caching vulnerability (CVE-2015-6125) was targeted by 82.8% of application-vulnerability exploit attempts. Microsoft released a patch for CVE-2015-6125 in December 2015, but that doesn’t mean it’s been installed everywhere. Shellshock, a pair of application vulnerabilities that were patched way back in September 2014, came in second on the worm list. Conflicker, a problem that was patched seven years ago, is still common.
Protecting Your Data – And Your Factory
When hackers introduced Conflicker back in 2009, manufacturers weren’t even thinking about the Internet of Things (IoT). Today, some companies are talking about IoT internally. Others are exploring available options with vendors. Still other manufacturers – the early adopters – are connecting machines to sensors while harnessing computing power and opening up potential security vulnerabilities. If IoT is in your company’s future, are you ready for both the risks and the rewards?
For now, Fortinet advises all manufacturers to protect, monitor, and segment their data. Segmentation is especially important because a flat or non-segmented network provides an attacker with an easier network path once security has been breached. So what is your manufacturing company doing to optimize data security today? Are you ready for the factory of the future where all of your assets will be interconnected?
Image Credit: © cherezoff – stock.adobe.com