Sean Riley:
With all the fancy introductions out of the way, welcome back to the podcast, Donna.
Donna Ritson:
Thanks, Sean. It's great to be here with you again.
Sean Riley:
I guess first of all, could you briefly explain what is a cyber attack and how are manufacturers being targeted?
Donna Ritson:
Absolutely, Sean. And you're right, this is in our news consistently. Cyber attacks can really be broadly defined into two categories. IT attacks which attack the enterprise. Systems like the enterprise resource planning systems or email or HR, CRM programs are attacked. And the other is OT attacks, the operational technology part of the business. And that happens on the plant floor, like PLCs or SCADA systems, HMI portals or smart sensors. Those would be the things that would be targeted.
Sean Riley:
It's interesting that you say, you summarized it perfectly all the different ways because we've actually anecdotally talked to some companies in manufacturing, whether for the podcast or other things I do, and they put everything on the same network. And finally gotten on board with IT and OT sort of working together. But then didn't even realize that they're all sharing the same internet that the person in the office is using the same internet as the manufacturing machines, which obviously isn't necessarily a good idea to have that open to everybody like that. And that can lead to some of these problems. I think people don't realize just how deep all the connections can go.
That was a great way of summarizing that email can affect sensors and PLCs and things like that. I guess beyond the... We mentioned the gas line, but what are some ways in which manufacturers are being targeted? Can you talk about some of the specific strategies that cyber criminals are deploying?
Donna Ritson:
Absolutely. And there's numerous ways that this is happening that bad actors can actually penetrate a manufacturing system. One of the most common, and we see this in our personal lives as well, it's called phishing. It's not a word we're unfamiliar with. But what happens is it appears to be a legitimate email. They're trying to trick the person at the other end by clicking on a compromised link that would reveal any sensitive data or information.
And if it's really highly targeted at a specific person, which sometimes it is, or a particular job function, then it's called spear phishing. Obviously, more targeted than phishing. But another common attack that is happening out there is a Trojan where malware actually masquerades as if it's coming from a trusted source. We've seen this even in our personal lives where some of the companies we do business with, it appears like it's coming from Amazon or UPS, but it's really not. And that's the same in the manufacturing sector. Could be coming from a trusted supplier, but it's actually a crypted email coming from a cyber criminal.
In another attack, a distributed denial of service attack is where it's really a coordinated IT attack and it's designed to crash websites, disrupt email, and even compromise some of the IIoT devices. But one of the most troubling, and I think one of the ones that we're hearing most in the news is ransomware attacks.
Sean Riley:
Yeah, I've heard this, like you said, it's in the news all the time now and I think it's affecting most industries. Ransomware just seems to be something that people don't even have really a way around it once it happens. Once it happens, you're kind of at the mercy of the people that are requiring the ransom. Could you speak a little more about what this threat really means for manufacturers?
Donna Ritson:
Certainly. And ransomware, it does seem like you're at their mercy and if you haven't protected your systems or really understood what to look for, yes, then you are at their mercy. And it's really where they come in and they shut down your operations by locking out access to your critical data until that ransom is paid.
And keep in mind that ransomware really can affect both IT and OT parts of the business. And ransomware is an increasing threat. And cyber criminals are particularly targeting the manufacturing industry right now. It's where they know they can have the biggest impact because uptime and productivity are so crucial.
And I don't want to throw a lot of statistics out here, but it is pretty alarming to understand just how significantly manufacturing is under attack. It increased just last year over 150%. Putting that in perspective, we really understand the urgency that manufacturers are under to really create and minimize their risk. And you talked about separating networks and that certainly is a place to start.
Sean Riley:
We touched on the gas one, that's obviously a pretty big deal that was in the news. And so, I don't think that's something even I would've thought of it would fall under something that would fall victim to something like ransomware. Who is at risk for a cyber attack in manufacturing? Who in particular?
Donna Ritson:
Well, it's really just about everyone, Sean. Anyone that's making a product, managing a digital network, producing an output of any sort. That includes brand owners, OEMs, contractors into this industry, suppliers in manufacturing. It could be anything from food to heavy machinery. We've heard the pipeline even can really fall victim to cyber attacks.
And there are service providers even such as cloud network managers that can be attacked. We've heard of some of our own government systems being attacked. Even small businesses are targets. And again, just last year about a fourth of all the cyber attacks in manufacturing were in small operations.
Particularly vulnerable operations are those that are highly integrated, connected with extensive networks, just as you mentioned, having them connected and not separate. Which makes it possible for the cyber criminal to really access that network and many of the files. And if they can get in from a single point of entry, that's the vulnerability that they're looking for.
Literally every single connection at an operation or a manufacturing facility is considered a potential threat. And is especially important for companies to have that comprehensive cybersecurity plan in place. It's really the first step and it's critical.
Sean Riley:
Speaking of cybersecurity plans, what can manufacturers do to protect themselves from these attacks? Are there strategies that they can lay out ahead of time to reduce the risks?
Donna Ritson:
Yes, there are absolutely steps that manufacturers can take. And every manufacturing site obviously is going to be different, but really to begin to proactively guard themselves against cyber threats, one of the most important is training employees. To really teach employees what to look for, particularly in phishing emails is one of the first lines that come in.
But also, make sure that the employees understand that they're the first line of defense. And really repeat this message regularly so that they understand their importance in helping establish a clear guideline. And helping them understand how to adhere to that guideline and giving them a way to report any potential threats that they might encounter.
And next really is that risk assessment, to understand where your vulnerabilities are. How is data being collected? Where is it being collected from? How is it being stored? Where is it being stored? Who has maybe access to that data? And are there any external connections that need to be paid attention to and brought into the vulnerability assessment?
And then really, it's important to assign a team to designate a leader. When we interviewed companies for this white paper, there were companies that were already establishing these lines of commands. Make sure that there's a department that's responsible for cybersecurity. And one of the most important things we heard is give them a budget to do it.
And then really last is looking for that cyber security third partner, an expert who can really help manufacturers through the process of where there are vulnerabilities, looking at their assessment, training their employees, and really helping them build some long-term security goals.
Sean Riley:
Very interesting. You referenced some numbers and they were from the beginning of 2020, which would include kind of when the pandemic started to spread around the world and become much more of an issue, particularly here in the US and North America. I have to think, I mean, has the COVID-19 pandemic altered the cybersecurity equation for manufacturers?
Donna Ritson:
It definitely has, Sean. And it's been very quick because we know when the pandemic hit, the majority of people were sent home to work remotely. The pandemic drastically expanded that pool of remote workers. And again, the majority of the companies that we interviewed said that they really had to scramble to get those remote workers safe access to their networks.
And I think some of that started the process of looking at networks in general, like you had mentioned earlier. And creating some separate networks internally at manufacturing. And it really, the whole pandemic has created a new set of security challenges for manufacturing.
Sean Riley:
Without giving away too much, because we have you on here because you put together this wonderful white paper on cybersecurity, accessing your risk. And I'll let people know later where we can get ahold of that. We don't want to come on here and read the whole white paper to people. I guess what are some key takeaways from this white paper?
Donna Ritson:
Well, there's a couple of things. Certainly cybersecurity takes vigilance and it takes cooperation across the entire manufacturing, both IT and OT operations. Because we know cybersecurity criminals, they're constantly changing their strategies. As we change our strategies to protect ourselves, it's requiring really diligent monitoring and updating of best practices.
And then again, really ensure that all departments and all your employees are on board with what that cyber plan is. And be sure, again, I reiterate this, make sure that your employees know how critical they are in preventing an attack. Oftentimes, that first entry might be through a phishing email or a targeted piece of malware that they think is coming from a secure location.
And in conclusion really, it takes the entire industry working together. We need to share the knowledge with our cybersecurity experts out there to really create a comprehensive plan and maybe set some of the standards that can lead to a more improved security across all manufacturing sites, Sean. It's definitely something that is escalating in our world and making preventive actions is really going to put manufacturers in the best situation.
Sean Riley:
Wow. It just feels like such a moving target that's constantly changing. And there's so much more to learn about how to understand the impact of cyber criminals and how to put these best practices that you outlined really well for us in place to secure your operations.
You can definitely read more about this in PMMI's whitepaper, which we encourage you to download the whitepaper, Cybersecurity, Access Your Risk at pmmi.org/research. I can't thank you enough for coming on here, Donna, and giving us the lay of the land on what people can expect from this white paper and some key takeaways that people can use to secure their manufacturing operations.
Donna Ritson:
Thanks, Sean. It's been my pleasure. It's certainly a topic that is top of mind.
Sean Riley:
Please rate, review and subscribe. To do that, go to the iTunes podcast or Spotify app on your phone and search for UnPACKed with PMMI.