4Thought Blog

4thought graphic - blog 2020

6 Best Practices to Protect Manufacturers from Ransomware Attacks

Posted by Concannon Miller on Thu, Aug 12, 2021

Find me on:

6 Best Practices to Protect Manufacturers from Ransomware AttacksThere has been a surge in ransomware attacks in recent years and an even greater acceleration in the first half of 2021. Virtually every type of business is at risk, especially key links in the manufacturing supply chain.

For example, in May 2021, a high-profile attack temporarily shut down operations of the largest gas pipeline in the United States. The owners of the pipeline paid nearly $5 million in ransom to regain access to their servers.

Although the owners were eventually able to recover most of the Bitcoin transferred to the hackers, the lessons are loud and clear: Watch out for similar attacks on your company and take preventive measures to foil prospective hackers.

What Is Ransomware?

Manufacturers account for nearly a quarter of all ransomware attacks — more than any other industry, according to software company Varonis. Ransomware is malware designed to prevent access to a computer system or files until the user meets the perpetrator's payment demands. Essentially, your computer network is "held for ransom" until those demands are met.

When ransomware was introduced in the 1980s, attacks typically targeted individuals, and payment was made through the regular U.S. mail. Today, high-tech criminals usually go after deeper pockets and often require ransom paid via cryptocurrency.

It doesn't take much to be infected. Typically, the malware is sent through unsolicited emails as Word files or PDF attachments or a link to a website. When clicked, the attachment or link installs the malware on the user's computer and, from there, infiltrates the network. Frequently, emails appear to be coming from a legitimate company your firm deals with or someone you know. In other cases, perpetrators pose as law enforcement officials or representatives of federal agencies, such as the FBI, IRS or U.S. Department of Labor.

Once a device has been compromised, the perpetrator has a foothold in your entire IT environment. Until your IT department detects the breach, the hacker is free to explore your network for vulnerabilities and sensitive data and to encrypt data indiscriminately. Then the hacker can demand a ransom for the decryption key needed to restore your access to the network.

READ MORE: Fraud is Fraught in Manufacturing: Tips to Prevent Expensive Losses

How Can You Prevent an Attack?

Protecting your network requires key personnel to identify ransomware before it infects individual computers. Consider the following six best practices:

Train users to recognize red flags: Your workforce is your first line of defense against an attack. Employees and other network users — including suppliers and vendors that can access your system — should understand how ransomware attacks happen. Instruct them to exercise caution when opening unsolicited emails and searching the Internet. For example, they should know to report any suspicious emails to your IT department and to verify a sender's email address before clicking on a link or opening a file.

Require your staff to participate in regular cybersecurity awareness training sessions. This includes assembly line workers, as well as those in the back office and managers. Consider testing methods that simulate actual ransomware attacks to help improve awareness and establish whether your training program is effective.

Install the latest IT security products: Take advantage of tools, such as antivirus software, firewalls and email filters. Give your IT department the authority and resources to implement a comprehensive cybersecurity plan

Cybersecurity is a continuous improvement process. An effective program is always at least one step ahead of the hackers. IT personnel may need additional training to stay atop the latest scams. For example, your staff may need extra training if your company has transitioned to remote working arrangements because remote sites can be more challenging to secure.

Concannon Miller blog subscription sign up

Stay current on updates: Ensure that all operating systems and applications are updated on users' computers. If they aren't, secure the latest patches from verifiable sources. Criminals launching ransomware attacks are known to prey on those with older, more vulnerable systems and applications.

Back up files: Perform frequent backups of your system and other important files. If a computer becomes infected with ransomware, you can restore your system to its previous state using backups if you catch the attack before the perpetrator encrypts the data.

Store backups on a device that's separate from the network, such as an external hard drive or cloud account.

Obtain cyber insurance: Many manufacturers buy cyber liability and breach response insurance to fortify their defenses against losses from ransomware attacks. Professional and general business liability insurance policies generally don't cover losses related to a hacking incident.

Cyber liability insurance can cover a variety of risks, depending on the scope of the policy. Typically, it protects against liability or losses that come from unauthorized access to your company's electronic data and software. Certain modifications or addendums may be available based on the nature of your operations. For example, there may be policies customized for manufacturers in the health care industry.

Instead of purchasing a standalone cyber liability policy, you might add a cyber liability endorsement to your errors and omissions policy. Note that coverage through an endorsement isn't as extensive as coverage in a standalone policy.

You should carefully read your cyber policies to understand what types of incidents are specifically excluded from coverage. Reminder: Cyber liability insurance is not a replacement for sound cyber security policies and procedures. Other well-resourced preventive measures can also reduce your premiums for cyber insurance.

READ MORE: 4 Pillars of Mid-Year Business Planning for Manufacturers

Devise a formal plan: If your company is hit with a ransomware attack, will you pay the ransom? This is a high-level decision that requires a comprehensive analysis. Last fall, the U.S. Treasury department advised ransomware victims that they may be subject to sanctions and legal liability if they facilitate ransom payments to hackers. So, discuss your response plan with in-house IT personnel and outside financial, legal and insurance professionals.

Lesson Learned

Manufacturers can't afford to ignore the ever-growing threat of ransomware. Your professional advisors can help find cost-effective ways to minimize your risk and safeguard your data.

© 2021

Topics: Manufacturing

Concannon Miller’s unique, holistic and intimate approach to financial health sets us apart from smaller CPA firms with more limited resources as well as mega firms where mid-sized clients struggle for attention. Contact us here to talk about improving your business.

This communication is designed to provide accurate and authoritative information in regard to the subject matter covered at the time it was published. However, the general information herein is not intended to be nor should it be treated as tax, legal, or accounting advice. Additional issues could exist that would affect the tax treatment of a specific transaction and, therefore, taxpayers should seek advice from an independent tax advisor based on their particular circumstances before acting on any information presented. This information is not intended to be nor can it be used by any taxpayer for the purposes of avoiding tax penalties.

Subscribe for more Timely Tips for Businesses

Recent Posts