unPACKed with PMMI Podcast: Stay Ahead of Cybercriminals . . . or Else

Listen to the unPACKed with PMMI podcast as Donna Ritson, president of DDR Communications, helps lay out a blueprint for discovering areas where your network could be vulnerable to cybercriminals.

Remote access and Industrial Internet of Things (IIoT) connectivity make manufacturing more efficient, but they also create new exploitable points of vulnerability. As the manufacturing industry continues to adopt more significant levels of technology and connectivity, a robust cybersecurity strategy is essential. Donna Ritson, president of DDR Communications, discusses PMMI Business Intelligence’s report 2021 Cybersecurity: Assess Your Risk, revealing that the recent rise in remote working further compounds these vulnerabilities and leaves the manufacturing industry at greater risk of devastating cybersecurity attacks.

To subscribe and find more unPACKED podcast episodes, visit pmmi.org/podcast.




   Watch this five minute video on ways manufacturers can improve cybersecurity.


   Read the full transcript below 


Sean Riley:

With all the fancy introductions out of the way, welcome back to the podcast, Donna.

Donna Ritson:

Thanks, Sean. It's great to be here with you again.

Sean:

Yeah, this is, I think, our third Riley and Ritson production.

Donna:

I think so.

Sean:

This is getting to be a thing. We might have to branch out and do our own. All right. So, where we are right now, we’re talking cyber security, and this was just mainstream news with the gas pipeline where a cyber-attack shut down an entire gas pipeline. So this is the right time for us to be covering such an issue. So, I guess, first of all, could you kind of briefly explain what is a cyber-attack and how are manufacturers being targeted?

Donna:

Absolutely, Sean. And you're right, this is in our news consistently. Cyber-attacks can really be broadly defined into two categories. IT attacks which attack the enterprise. Systems like the Enterprise Resource planning systems, or email, or HR. CRM programs are attacked. And the other is OT attacks, the operational technology part of the business. And that happens on the plant floor, like PLCs or SCADA systems, HMI portals, or smart sensors. Those would be the things that would be targeted.

Sean:

Interesting that you say, you kind of summarized it perfectly, all the different ways, because we've actually anecdotally talked to some companies in manufacturing, whether for the podcast or other things I do. And they kind of put everything on the same network and finally gotten on board with IT and OT sort of working together. But then didn't even realize that they're all sharing the same internet, that the person in the office is using the same internet as the manufacturing machines, which obviously isn't necessarily a good idea to have that open to everybody like that. And that that can lead to some of these problems. I think people don't realize just how deep all the connections can go. So that was a great way of kind of summarizing that email can affect sensors and PLCs and things like that. So I guess beyond, we mentioned the gas line, but what are some ways in which manufacturers are being targeted? Can you talk about some of the specific strategies that cyber-criminals are deploying?

Donna:

Absolutely. And there's numerous ways that this is happening, that bad actors can actually penetrate a manufacturing system. So one of the most common, and we see this in our personal lives as well, it's called phishing. It's not a word we're unfamiliar with. But what happens is it appears to be a legitimate email. They're trying to trick the person at the other end by clicking on a compromised link that would reveal any sensitive data or information. And if it's really highly targeted at a specific person, which sometimes it is, or a particular job function, then it's called spear-phishing, obviously more targeted than phishing.

Donna:

But another common attack that is happening out there is a Trojan where malware actually masquerades as if it's coming from a trusted source. We've seen this even in our personal lives, where some of the companies we do business with, it appears like it's coming from Amazon or UPS, but it's really not. And that's the same in the manufacturing sector. Could be coming from a trusted supplier, but it's actually a crypted email coming from a cybercriminal. In another tech, a distributed denial of service attack is where it's really a coordinated IT attack, and it's designed to crash websites, disrupt email, and even compromise some of the IOT devices. But one of the most troubling, and I think one of the ones that we're hearing most in the news, is ransomware attacks.

Sean:

Yeah, I've heard this. Like you said, it's in the news all the time now, and I think it's affecting most industries. Ransomware just seems to be something that people don't even have really a way around it once it happens. Once it happens, you're kind of at the mercy of the people that are requiring the ransom. Could you speak a little more about what this threat really means for manufacturers?

Donna:

Certainly. And ransomware, it does seem like you're at their mercy. And if you haven't protected your systems or really understood what to look for, yes, then you are at their mercy. And it's really where they come in and they shut down your operations by locking out access to your critical data until that ransom is paid. And keep in mind that ransomware really can affect both IT and OT parts of the business. And ransomware is an increasing threat, and cyber criminals are particularly targeting the manufacturing industry right now. It's where they know they can have the biggest impact because uptime and productivity are so crucial.

Donna:

And I don't want to throw a lot of statistics out here, but it is pretty alarming to understand just how significantly manufacturing is under attack. It increased just last year over 150%. So putting that in perspective, we really understand the urgency that manufacturers are under to really create and minimize their risk. And you talked about separating networks, and that certainly is a place to start.

Sean:

We touched on the gas one, that's obviously a pretty big deal that was in the news. And so, I don't think that's something even I would have thought of it would fall under something that would fall victim to something like ransomware. So, who was at risk for a cyber-attack in manufacturing? Who in particular?

Donna:

Well, it's really just about everyone, Sean. Anyone that's making a product, managing a digital network, producing an output of any sort. That includes brand owners, OEMs, contractors into this industry, suppliers in manufacturing. It could be anything from food to heavy machinery. We've heard the pipeline even can really fall victim to cyber-attacks. And there are service providers, even such as cloud network managers, that can be attacked. We've heard of some of our own government systems being attacked. Even small businesses are targets. And, again, just last year, about a fourth of all the cyber-attacks in manufacturing were in small operations.

Donna:

So particularly vulnerable operations are those that are highly integrated, connected with extensive networks, just as you mentioned, having them connected and not separate, which makes it possible for the cybercriminal to really access that network and many of the files. And if they can get in from a single point of entry, that's the vulnerability that they're looking for. So literally every single connection at an operation or a manufacturing facility is considered a potential threat. And it's especially important for companies to have that comprehensive cyber security plan in place. It's really the first step and it's critical.

Sean:

So speaking of cyber security plans, what can manufacturers do to protect themselves from these attacks? Are there strategies that they can kind of lay out ahead of time to reduce the risks?

Donna:

Yes, there are absolutely steps that manufacturers can take. And every manufacturing site obviously is going to be different, but really to begin to proactively guard themselves against cyber threats, one of the most important is training employees, to really teach employees what to look for, particularly in phishing emails is one of the first lines that come in. But also, make sure that the employees understand that they're the first line of defense, and really repeat this message regularly so that they understand their importance in helping us establish a clear guideline, and helping them understand how to adhere to that guideline, and giving them a way to report any potential threats that they might encounter.

Donna:

And next really is that risk assessment, to understand where your vulnerabilities are. How is data being collected? Where's it being collected from? How is it being stored? Where is it being stored? Who has maybe access to that data? And are there any external connections that need to be paid attention to and brought into the vulnerability assessment? And then, really it's important to assign a team to designate a leader. When we interviewed companies for this white paper, there were companies that were already establishing these lines of commands, make sure that there's a department that's responsible for cyber security. And one of the most important things we heard is give them a budget to do it.

Donna:

And then, last is looking for that cyber security, third partner and expert who can really help manufacturers through the process of where are their vulnerabilities, looking at their assessment, training, their employees, and really helping them build some long-term security goals.

Sean:

Very interesting. You kind of referenced some numbers, and they were from the beginning of 2020, which would include kind of when the pandemic started to spread around the world and become much more of an issue, particularly here in the US and North America. I have to think, has the COVID-19 pandemic altered the cybersecurity equation for manufacturers?

Donna:

It definitely has, Sean, and it's been very quick because we know when the pandemic hit, the majority of people were sent home to work remotely. So the pandemic drastically expanded that pool of remote workers. And again, the majority of the companies that we interviewed said that they really had to scramble to get those remote workers safe access to their networks. And I think some of that started the process of looking at networks in general, like you had mentioned earlier, and creating some separate networks internally at manufacturing. And really, the whole pandemic has created a new set of security challenges for manufacturing.

Sean:

So without giving away too much, because we have you on here because you put together this wonderful white paper on cyber security accessing your risk, and I'll let people know later where we can get a hold of that. We don't want to come on here and read the whole white paper to people. I guess, what are some key takeaways from this white paper?

Donna:

Well, there's a couple of things. Certainly cyber security takes vigilance and it takes cooperation across the entire manufacturing, both IT and OT operations, because we know cyber security criminals, they're constantly changing their strategies. So as we change our strategies to protect ourselves, it's requiring really diligent monitoring and updating of best practices.

Donna:

And then, again, really ensure that all departments and all your employees are on board with what that cyber plan is. And be sure, again, I reiterate this, make sure that your employees know how critical they are in preventing an attack. Oftentimes that first entry might be through a phishing email or a targeted piece of malware that they think is coming from a secure location.

Donna:

And in conclusion, really it takes the entire industry working together. We need to share the knowledge with our cyber security experts out there to really create a comprehensive plan, and maybe some of the standards that can lead to a more improved security across all manufacturing sites, Sean. It's definitely something that is escalating in our world and making preventive actions is really going to put manufacturers in the best situation.

Sean:

Well, it just feels like such a moving target that's constantly changing and there's so much more to learn about how to understand the impact of cyber criminals and how to put these best practices that you outlined really well for us in place to secure your operations. You can definitely read more about this in PMMI's white paper, which we encourage you to download the white paper, Cyber Security: Assess Your Risk at pmmi.org\research. I can't thank you enough for coming on here, Donna, And sort of giving us the lay of the land on what people can expect from this white paper and some key takeaways that people can use to sort of secure their manufacturing operations.

Donna:

Thanks, Sean. It's been my pleasure. It's certainly a topic that is top of mind.

Sean:

Please rate, review and subscribe. To do that, go to the iTunes Podcast or Spotify app on your phone and search for UnPACKed with PMMI.