Manufacturing and Ransomware | TorchLight Security

The manufacturing industry has embraced automation and digitization as timelines have gotten tighter and business continuity has become essential. These aspects, along with the high-value data that manufacturing enterprises own (intellectual property, trade secrets, etc.) have made these types of companies more attractive cyber attack targets. Keep your supply chain running smoothly by protecting against ransomware and other cyber threats

Blog
Manufacturing

Ransomware and Manufacturing: What to Know

The manufacturing industry has embraced automation and digitization as timelines have gotten tighter and business continuity has become essential. These aspects, along with the high-value data that manufacturing enterprises own (intellectual property, trade secrets, etc.) have made these types of companies more attractive cyber attack targets. Keep your supply chain running smoothly by protecting against ransomware and other cyber threats. Here’s what you should know about ransomware – its current trends, targets, and tactics and how to protect your business.

Typical Attack Vectors Against Manufacturing

Manufacturing and production companies have different concerns than others when it comes to cyberattacks because you have to adhere to specialized government and other regulations, with penalties for non-compliance. Knowing the typical attack vectors can help you remain both compliant and vigilant.

  • Extortion only-attacks: Rather than encrypting files, criminals threaten to leak stolen information online. This newer type of attack can cause concern over the leaking of intellectual property or customer PII.
  • Timed Attacks: For your industry, you might have a critical time for operations to remain continuous. As they become more specialized, cybercriminals focus their attacks on the when they will have the greatest impact and put the most pressure on you to pay out. It is especially important that you have in-depth training with your employees before the times an attack will have the maximum disruption or impact.
  • Phishing emails: A fraudulent email tricks a user into revealing sensitive information to the attacker.
  • User Click: A user clicks on a link or opens an attachment that contains malware and infects the system, usually without the user’s knowledge.

Manufacturing Attacks and What to Learn from Them

Acer hit by REvil

Acer, a PC manufacturing company located in Taiwan, first discovered abnormalities in their system in the spring of 2021. The REvil ransomware group demanded $50 million, one of the highest reported ransoms of all time. The data stolen by the group was eventually posted to a cybercriminal forum online. Not only did Acer lose valuable data and intellectual property, but they also became a target for repeated attacks. The company was recently breached again by the Desordenn Group, which breached Acer’s servers and stole files. However, with threat isolation plans in place after the first attack, Acer was able to minimize the effects of the attack. Fellow manufacturers can learn from Acer’s troubles by isolating important files and getting the protection they need.

Candy Production Put to A Drastic Halt Before Halloween

Ferrara is a well-known candy manufacturer. The company manufactures SweetTarts, Candy Corn, Redhots, Pixy Stix, and Nerds, among others. Just weeks before Halloween, the company’s most important season, cyber attackers encrypted the company’s computer systems and demanded payments. The attack caused delays to production and delivery and disrupted the supply chain at the busiest time of the year for the candy manufacturer. Ferrara was forced to operate in limited capacity and worked with 3rd party specialists to restore its systems. The attack was coordinated to strike the company at the worst time so that Ferrara was most likely to pay the whole ransom. Manufacturers should always have protection, but employee training should be completed before your business’s busiest times, so that it is less likely that a slip up will occur at a critical time.

Norsk Hydro Loses Millions of Dollars in Profits Due to Ransomware Attack

Norsk Hydro, one of the world’s largest aluminum producers, experienced a cyber-attack in March of 2019. The ransomware group, LockerGoga, locked the files of thousands of servers and PCs. As a result, 35,000 employees across 40 countries were forced to stop production and switch to manual operations. The attack caused a financial loss of around $71 million.

 

How to Prepare for and Mitigate Attacks and How TorchLight Can Help

Your supply chain must be protected, not only for the well-being of your business, but that of others as well. To ensure that your business is fully protected, you need a partner that will understand your unique business needs. TorchLight integrates security strategy into business strategy to make security a tool for business progress.

TorchLight can help properly secure your networks, automate your backups separate from primary systems, and help with employee awareness and training. We train your staff how to recognize potential threats and what to do if a security breach is made. TorchLight will help you put a backup plan in place so that your organization is prepared and can continue operations as much as possible.