Industry 4.0 held to ransom
Digital technology, automation and the Internet of Things are dramatically improving manufacturing quality and reducing costs. Industry leaders know that embracing Industry 4.0 is the only way to survive, and that the use of real-time data provides a competitive edge to work more efficiently, boosting those all-important margins. Still, this revolution brings with it new cyber risk which could stall production – and even put a stop to business altogether.
When digital ambitions outpace cyber defences
PwC has reported that around 74 percent of UK manufacturing firms expect to drive high levels of digitisation and integration by 2021. However, separate research by the EEF also tells us that nearly half of manufacturers have not increased their investment in cybersecurity over the past two years. Clearly, many companies are in danger of allowing their Industry 4.0 ambitions to outpace their approach to cybersecurity.
For manufacturing leaders, defending against cyber-attacks should be high on the agenda. The sector has been well-known to trail other industries in adopting new technologies, and now it’s playing catch up it is left more vulnerable to new types of attacks, including ransomware. With Symantec recently finding that manufacturing was the second most affected sector by ransomware, this is one threat that simply cannot be ignored.
The risk of ransomware
Ransomware is a software that encrypts files and data on the victim’s infrastructure, blocking any usage of such files and data until a sum of money is paid. For manufacturing firms, this could grind production to a halt, damaging customer relationships and incurring huge costs.
Ransomware can be easily delivered in the shape of a simple phishing email. An employee will open an attachment which encrypts the data in the user’s system and lets them know how much money they need to pay to get the decryption key. With the EEF also finding that 20 percent of manufacturers don’t make their employees aware of cyber risks in company policies, it’s easy to see why they are particularly susceptible.
Traditionally, the damage done by ransomware has depended on who in the company is targeted. However, more recently we have seen variants of ransomware that don’t limit themselves to encrypting solely what is on a PC’s hard drive. Instead, they use ‘privileged’ accounts – i.e. those which provide advanced access – on the infected PC to move more widely within the network, searching for a variety of file types and making them inaccessible. This means attackers are finding alternative ways in to find sufficiently important files and data, at an even greater cost to businesses.
Defending against ransomware
Most anti-malware and anti-ransomware solutions today focus on detecting and blocking malware at the point of inception. These solutions can be helpful when you know what you’re looking for – but when it comes to ransomware, there are new variants coming out every day. It’s therefore advisable to have a multi-layered approach, employing application control and removing local privileges (i.e. the ability to access more sensitive parts of the network) from regular PCs. This will reduce the attack surface and block their progression.
Steps must also be taken to protect the most sensitive files in the organisation. Employing greylisting - an approach that allows unknown applications (i.e. the latest ransomware variant) to execute harmlessly - blocks ransomware from being able to access or encrypt your critical files.
It’s also critical that companies back up their sensitive information on a regular basis and keep multiple generations of backup. This means that in the event of a ransomware infection they will have the option of wiping the system and restoring from backup, rather than paying this ransom. With Trend Micro finding that only 45 percent of companies infected got their data back upon paying the ransom, this could be the key to keeping operations running.
Manufacturing companies must embrace Industry 4.0, but this should not be at the cost of protecting their highest value assets. Equal time and investment must be put towards improving cybersecurity and preventing fast-growing threats such as ransomware attacking the heart of the business.
By Matt Middleton-Leal, Regional VP for the UK, Ireland and Northern Europe, CyberArk
Follow @ManufacturingGL and @NellWalkerMG
IMF: Variants Can Still Hurt Manufacturing Recovery
After a year of on-and-off manufacturing in the US, UK, and the eurozone, demand for goods surged early last week. Factories set growth records in April and May, suppliers started to recover, and US crude hit its highest price point since pre-COVID. As vaccination efforts immunise much of the US and UK populations, manufacturers are now able to fully ramp up their supply chains. In fact, GDP growth could approach double-digits by 2022.
Now, the ISM productivity measure has surpassed the 50-point mark that separates industry expansion from contraction. Since U.S. president Biden passed his US$1.9tn stimulus package and the UK purchasing managers index (PMI) increased to 65.6, both sides of the Atlantic are facing a much-welcomed manufacturing recovery.
Lingering Concerns Over COVID
Even as Spain, France, Italy, and Germany race to catch up, and mining companies pushed the FTSE 100 index of list shares to a monthly high of 7,129, some say that UK and US markets still suffer from a lack of confidence in raw material supplies. Yes, the Dow Jones has made up its 19,173-point crash of March 2020, and MSCI’s global stock index is at an all-time high.
Yet manufacturers around the world realise that these wins will be short-lived until pandemic supply chain bottlenecks are solved. If we keep the status quo, consumers will pay the price. In April, inflation in Germany reached 2.4%, and across the EU’s 19 member countries, overall prices have increased at an unusual pace. Some ask: Is this true recovery?
IMF: Current Boom Could Falter
Even as Elon Musk tweeted about chip shortages forcing Tesla to raise its prices, UK mining demand skyrocketed; housing markets lifted; and the pound sterling gained value. The International Monetary Fund (IMF), however, cautioned that manufacturing recovery won’t last long if COVID mutates into forms our vaccinations can’t touch. Kristalina Georgieva, Washington’s IMF director, noted that fewer than 1% of African citizens have been vaccinated: “Worldwide access to vaccines offers the best hope for stopping the coronavirus pandemic, saving lives, and securing a broad-based economic recovery”.
Across the globe, manufacturing companies are keeping a watchful eye on new developments in the spread of COVID. Though US FDA officials don’t think we’ll have to “start at square one” with new vaccines, the March 2021 World Economic Outlook states that “high uncertainty” surrounds the projected 6% global growth. Continued manufacturing success will in large part depend on “the path of the pandemic, the effectiveness of policy support, and the evolution of financial conditions”.
Mathias Cormann, secretary-general of the Organisation for Economic Co-Operation and Development (OECD) concurred—without global immunisation, the estimated economic boom expected by 2025 could go kaput. “We need to...pursue an all-out effort to reach the entire world population”, Australia’s finance minister added. US$50bn to end COVID across the world, they imply, is a small investment to restart our economies.