26
MiMfg Magazine
Premium
Associate
Member
May 2019
How To Protect Your Company
from Ransomware Attacks
By Jessica Dore • Rehmann
The average cost of a data breach is $3.86 million
and the average cost per lost or stolen record is $148
per record. Cyber attacks have become big business for
hackers, so stakes for your business have never been
higher. Manufacturing companies have increasingly
become more targeted as hackers seek to not only
extort money for individual data but also steal
intellectual property which may include patent
information, formulas, and blueprints/schematics
of confidential designs or unique assembly processes
that can be sold for financial gain.
Establishing and following preventive strategies
to keep systems safe should be a no-brainer for all
organizations, but sometimes these efforts fall by the
wayside. Due to the increasing vulnerability for
manufacturers to Cyber attacks that can potentially
shut down production and have ramifications
throughout a supply chain, it is imperative that
manufacturing organizations develop a comprehensive
cyber security defense plan.
To prepare your organization to be well-equipped
when it comes to protection from a ransomware
attack, the following items are critical:
• Systems should be continuously monitored and
patched: A major fault of many organizations is
failing to ensure all systems are up to date and
monitored. With up-to-date monitoring systems
and vulnerability scans in place, companies can be
aware of when potential threats arise. Being ahead
of the threat is the only way to prevent an attack.
• Employee training program: Employees should
be made aware of scam e-mails and what
attachments they should avoid opening. Once
attachments are opened through a phishing
e-mail, the scammer can easily access the system
and infiltrate. Making trainings available to
employees can keep money and valuable data in
the employer’s pocket later.
• Have a sound backup in place: It is vital to
perform regular backups of systems so data
can be restored to a point in time prior to
the ransomware entering the environment.
• Know the precautions being taken by suppliers
and customers: A manufacturer’s exposure exists
throughout a facility and beyond as manufacturing
equipment gets smarter and the growth of the
Internet of Things (IoT) enables increased access
to equipment through direct connecting and
communicating to outside parties.
Once the groundwork is laid, highly qualified
experts should be on the lookout to detect any error
a tool may miss. We conduct tests for our clients,
usually on at least an annual basis, and run thorough
testing to bolster cyber defenses.
In the event that a ransomware attack makes its
way into your system, the most important step is
stopping its spread. The sooner an organization can
stop a ransomware attack, the better off it will be.
If an organization is not equipped with up-to-date
backups, they could be subject to a rude awakening.
Without backups, organizations could be held at
ransom, and in the worst cases be forced to pay the
criminals or suffer from having to rebuild a completely
new environment and lose data that will be difficult —
if not impossible — to restore.
To avoid finding oneself in a helpless situation,
executives must place high importance on cyber
security. Although having systems in place may
appear costly at the onset, the costs often pale in
comparison to the price of reconfiguring a whole
online environment.
As busy manufacturers, we get caught up in the
day to day and forget about potential setbacks. It’s
all too easy to believe a ransomware attack won’t
happen to you. This belief is idealistic, but unfortu-
nately is often untrue. Ransomware attacks happen
every day to organizations large, medium and small.
To get ahead of a potential hack and prevent stress
and loss of finances, be proactive and protect your
organization today.
6
Jessica Dore, CISA, is a principal with
Rehmann. She may be reached at 989-797-8391
or [email protected].
Rehmann is an MMA Premium Associate member
and has been a member company since July 2006.
Visit online: www.rehmann.com.