Welcome
 | 
My Account
Welcome
 | 
My Account
Welcome
 | 
My Account

CyberHealth

Ransomware Attacks Increasingly Targeting Manufacturers

June 9, 2022
Click image to view gallery

Ransomware has become a well-known cyber-threat over the past several years, with more and more criminal organizations leveraging it as a way to disrupt all types of businesses in the hopes of a quick pay day.  Ransomware is a particularly nasty strain of malware because it encrypts your data and holds it hostage for payment, and has the ability to spread across devices and networks with the potential to infect the entire technology infrastructure of companies which can cause months of disruption. 

The National Association of Manufacturers has identified a significant increase in targeted Ransomware attacks specifically in the manufacturing sector in 2021, citing some startling statistics:

What’s worse, the NAM has identified that many manufacturers remain unprepared for Ransomware attacks, stating that:

Check out this article from NAM to learn more.

You can help protect your business from Ransomware by ensuring that the following controls and mechanisms are in place:

  1. Ensure that critical business applications (such as ERP systems), IT systems, and machine configurations are backed up in a secure location that is not connected to your network.  Further, ensure that you have tested restoring those backups at least once per year to make sure they will work when you need them.
  2. Ensure that remote access to your network and all computers and machines on it is properly protected by a good password policy, and that multi-factor authentication is required to connect remotely.
  3. Educate your employees on what ransomware is and how to spot bad links and attachments that could lead to an infection
  4. Ensure you have a proper firewall protecting your network and SPAM filter solution protecting inbound e-mails, and that the policies are periodically reviewed and updated as needed
  5. Employ a managed antivirus/anti-malware tool.  These tools have evolved a lot over the past several years.  It is critical to have a solution that is supported by a 24/7 Security Operations Center that is constantly monitoring for alerts and incoming threats.
  6. Protect your business from disruption financially with a cyber liability insurance policy

If you have identified a Ransomware attack in your organization, take these immediate steps as soon as possible:

  1. Shut down all infected systems, computers, and network devices immediately.  As a precaution, you may want to shut down network switches and servers as well as unaffected devices until you are sure you are able to isolate the infection.
  2. Notify your entire organization as soon as possible so that users are aware of the threat and can take quick action
  3. Notify your IT Outsource or Managed Services provider so they can partner with you on a response plan
  4. Notify your insurance carrier to start the claim process and get access to response & restoration services
  5. Notify local law enforcement and file a complaint with the Internet Crime Complaint Center