Feb 28, 2022 by Mark Dingley
Malware is a growing problem for manufacturers. Australia, along with the rest of the world, is facing a "tsunami of cybercrime". There was a staggering 60% rise in ransomware attacks against Australian entities from 2020 to 2021, according to ACSC, the government's cyber security agency.
Ransomware is malware which encrypts files on your system. The attackers then demand payment in exchange for the decryption key.
Concerningly, the frequency of attacks and the size of ransoms being demanded has increased substantially in the past year. And the damage caused by a cybercrime attack can be crippling to manufacturers, with the following impacts:
An attack against the world's largest meat supplier, JBS Foods, in June 2021 meant the company had to pay an $11 million ransom to the REvil ransomware group. The attack affected 47 facilities in Australia, as well as the USA and other countries, disrupting meat supplies.
As more production lines are digitally connected, manufacturers are more exposed to cybersecurity threats than ever before. Each new device connected to the internet presents a new target for attackers. And it only takes one weak spot for criminals to steal invaluable company data or hold it at ransom.
But there are actions you can take to protect your production lines and business from malware and minimise the risk. The first most important step is to know that most production line software is not secure by default.
Reduce exposure to hackers by limiting access to your technology infrastructure. That means using a software that either does not require internet connection or does not automatically access the internet with permission. After all, any internet connectivity presents a potential target for attackers – if it is not properly controlled.
For example, Matthews iDSnet is an on-premises solution, which means the software and all data is stored on internal servers, rather than all in the cloud. It sits behind your firewalls and levels of cyber protection. At the same time, you have the option to have secure connections, using appropriate and up-to-date security measures to safely connect to the internet when needed – for example, if you need remote 24/7 support.
If you do prefer cloud software, the key is to look for a solution that puts you in control. For example, iDSnet Cloud prompts you when connecting to the internet to check you want to give it access.
A perpetual license is the traditional method of purchasing software, where you pay for the license upfront and have the right to use the software indefinitely.
The alternative is a subscription model, where you pay for the software on a month-by-month basis, for example.
Subscription licenses require the software to do regular checks to see if your license is still valid and to perform updates. This means connecting to the internet, which leaves the software open to malicious threats.
With Matthews iDSnet, you have a perpetual license. You have the right to use the software without a subscription running out. When it’s time for software updates or technical support, you actively give access to the Matthews engineers, who can then work on the software remotely.
There’s nothing a hacker loves more than a weak password protocol. It’s the reason behind many successful cyber-attacks.
Ensure that access to all software, wireless networks and sensitive data is guarded with unique passwords.
Who has access to the software? Not everyone is the business needs access to the software, or all functionalities and databases. Allowing everyone access only increases your risk.
A recommended approach is to look for a software solution that allows you to manage users and permission levels. For example, with Matthews iDSnet, you can have as many users and passwords as you need. Users can be set up as an operator, supervisor or maintenance, and you can control the level of data and functionalities they can access. For example, you can choose to let a user edit the database and access the label designer.
The best recovery from a ransomware attack is a regular offline backup.
JBS said its backup servers were not affected during its ransomware attack, which meant it could work to restore its systems quickly and recover the damage.
Choose a production line software that runs frequent backups of data.
Employee awareness training and governance is essential to any cybersecurity strategy. Training should make everyone aware of the wide range of threats. Strong, well-communicated policies can help keep employees from inadvertently uploading, opening, or transferring harmful software to your servers. Nothing beats good education policies and reinforcement of those policies on a regular basis, as staff will change with new hires and departures.
There are challenges with any digital transformation, but by addressing them proactively, your business will be better safeguarded against threats.
Start by choosing a secure package code management software that works seamlessly without opening your business to the threat of cybercriminals. iDSnet is a next-generation package code management software with the security peace of mind you need. With iDSnet, you get the peace of mind that comes from our 24x7 support, with an in-house local software team for rapid response.