Blog > Threat Intelligence Ransomware and the Manufacturing Industry

Saturday, Feb 1, 2020

BY: Robert Elworthy

By Robert Elworthy, Assistant Director of IT at Langdale Industries

Ransomware malware is designed to deny an organization access to its own data with the use of encryption technology.

Modern encryption algorithms are unbreakable on current technology, meaning that it is impossible to read encrypted data without access to the corresponding encryption key. Cybercriminals take advantage of this in ransomware attacks by using malware on a target computer to encrypt valuable files. Once encryption is completed, the attacker holds them for ransom, offering a copy of the encryption key and decryption software in exchange for a payment.

When an organization is infected by malware, they could lose access to their data if they do not have a backup copy or pay the ransom. And this is a significant loss, different organizations and industries have different risks and vulnerabilities that hackers take advantage of as they evolve their tactics.

Ransomware Manufacturing Impacts

In the manufacturing industry, the impacts of such an attack can be significant. Some ransomware variants intelligently select files to encrypt, so a targeted ransomware attack could focus on encryption of IP, payroll and other documents essential to the functioning of the business as well as hacking IoT devices.

For us at Langdale, the biggest impacts a ransomware attack could have on us, include loss of customers, a diminished reputation, loss of trust and increase in employee frustration. With ransomware rising and becoming even harder to detect, protecting our company and our customer’s sensitive data is crucial.

Protecting Against Ransomware Attacks

The average downtime-related cost of a ransomware attack is $141,000. If an organization does not have the ability to recover from the incident, the price tag of paying the ransom or attempting to move on without the lost data can be much higher. By implementing specific cybersecurity protections, you can dramatically decrease the probability of becoming the victim of an expensive ransomware infection.

The biggest source of protection we use is our managed endpoint security platform with roll back capability. Our endpoint protection platform works to stop ransomware from being installed on our system and allows us to roll back the data if it slips through the layers of our protection. Our endpoint protection platform is managed by our MSSP, Nuspire, which assists in the monitoring of all our endpoints and performs the remediation process of a threat enters our network.

Because we are such a large organization, monitoring our hundreds and thousands of endpoints is almost an impossible task for us to manage 24x7x365. Having a layered security approach with managed endpoint detection and response services ensures that we’re secure and allows our company to focus on other important initiatives.

In addition to that, we use three forms of backups on critical assets and have implemented phishing and email training and least privileged access. The three forms of backup give us multiple solutions if ransomware ever encrypts our data and allows us to revert our systems to their original state. Email phishing training has been very effective in education our users on spotting fake emails and phishing attempts, thus helping prevent outbreaks.

Securing the Manufacturing Industry

Ransomware has now become a business model. The more companies that fall prey to their attacks, the more emboldened the threat actors become.

As one of the leading industry targets of ransomware attackers, we must take the necessary steps to protect ourselves against future ransomware attacks. By implementing cybersecurity services and solutions that allow us to proactively detect ransomware attacks and ease recovery in the event of an infection, companies can dramatically decrease the price tag of a ransomware infection.

About the Author: Robert Elworthy is Assistant Director of IT at Langdale Industries where he manages various IT components including cyber security, networking, infrastructure, servers and developing IT standards and policies. Robert’s role is integral with security, networking, troubleshooting software and hardware issues to ensure systems are operational for The Langdale Company and its 23 affiliates.  Robert also conducts employee training on malware, phishing and threats. Robert serves as a member of the Malwarebytes Customer Advisory Board. He holds a degree in Secondary Education and Computer Science. Robert is an avid Atlanta United FC fan, proud father and husband living in Valdosta, Georgia.