In 2017, hacking was something that happened to other countries attacking other countries. But in 2017, two big attacks called WannaCry and NotPetya brought worldwide attention to the idea that information technology can be attacked by hackers. Many manufacturing companies were already dealing with this quietly, but now everyone knows about it.
Elton Thimodo, a cybersecurity expert with Rockwell automation shares his insights into cybersecurity and how manufacturers both big and small should be thinking about and implementing security features to prevent extortion and ransomware and loss of operations.
Click below to listen to the podcast
This is episode six of the making things better podcast presented by JAE Automation where we deal with all things manufacturing and automation.
1:30 What do we mean when we’re talking about cyber security?
3:17 Current threats in cyber security
6:04 Clients investing in cyber security
7:24 How to identify the risks for customers in cyber security
12:23 How to help Small – Medium Sized Manufacturers to address cyber security and what are the risks
15:30 COVID affecting the cyber security
19:00 Steps in addressing you need to have a cyber security regardless of your company size.
25:00 Tips before investing in cyber security
28:13 Why hackers are targeting small/medium enterprises?
36:28 What does Ransomware look like? What are the types of attacks into cyber security?
What is cyber security?
Cyber security refers to the practice of securing computer systems, data, and critical infrastructure defending a computer or server system from malicious attacks from what is known as "cyber attacks"
These attacks to your network gain access to your devices, systems and data in order to steal software, data, or disrupt services.
What types of cyber attacks are there?
There are many different types of cyber attacks, including cyberterrorism and cyber extortion. While most attacks gain access through the internet, a threat can come through physical devices such as USB sticks from unsecured sources, employee laptops, or even from technology and products supplied from third parties that have their own systems breached.
What is ransomware?
Ransomware is a type of malware that locks down your files, devices or data until you pay the perpetrator an appropriate ransom. Cybercriminals often use ransomware to extort money from their victims by either encrypting the victim’s files or locking them out of their computers or system.
What is cyber extortion?
Cyber extortion may be a criminal act that cybercriminals use to extort money from victims while protecting themselves with anonymity in exchange for not publishing stolen data via online publication, such as on social media.
What is cyberterrorism?
Cyberterrorism is the use of cyber tools to cause terror or violence. Usually from a nationstate, to create vulnerabilities in an opposing country's economy.
What are some cybersecurity risks?
Some common types of cyber security risk include ransomware, extortion and cyber terrorism among many other kinds. Each type has different consequences depending on how it affects you. Some are financially based like ransomware that encrypts your files until you pay
How do I know if my company has been hacked?
Being hacked can happen without you even knowing it! If any of these conditions are present, it's possible that your company has been hacked:
– You notice unusual activity on the network.
– Your files have gone missing or become more difficult to find.
– Users can't log in to any of their accounts and you're seeing error messages when they try.
How do I prevent cyber attacks?
An effective security plan will begin well before a program or device is deployed. It will involve a cyber security strategy that incorporates people, process and technology to assess security risks, potential threats, and what security measures can be put in place to prevent unauthorized access.
Software developers should take cyber security into account when writing code for their software to prevent cyber attacks with the guidance of cybersecurity experts.
Information Technology departments need to manage user access by keeping track of who has permissions over what systems or data files in order to secure them against cyber attacks.
Automation experts work closely with security teams, to apply best practices and ensure that the data, network and software systems that are set up have adequate protection from cyber attacks.
Challenges of Cyber Security
The hardest challenge of security is the ever-evolving nature of those risks. Organizations protect their cyber security by focusing on the front door. They are trying to keep out people who want to harm the central system.
These approaches are inadequate today because threats advance and change faster than an organization can keep up with. The National Institute of Standards and Technology released the guidelines in its hazard assessment framework which encourage a shift to continuous monitoring and realtime assessments. For ensuring the effectiveness of cyber security organizations must coordinate their efforts throughout its information security system.
The importance of cyber security
Industry 4.0 taps into the mass amount of data generated by a facility, to produce a more productive and profitable system.
But all the gains of implementing the latest technology could be for naught if key infrastructure is not properly secured and sensitive information is leaked.
A cyber attack or malicious software that gains access to your devices could stop them from working, so having good security measures in place, and backup systems in case of breaches is of highest importance.
Training users and employees on best practices in cyber security can protect threats to the network by enforcing cyber security policies, developing awareness and understanding of cyber risks.
Managing cyber security
In a cyber security risk world, cyber attacks are inevitable. The key is to have an effective cyber security plan in place that incorporates people, process and technology to assess risks and what measures can be put in place to prevent unauthorized access. Rockwell automation has great experience with cybersecurity experts who work closely with IT departments to apply best practices and ensure the data network and software systems set up have adequate protection from cyberattacks. Cybersecurity at all levels of manufacturing companies- big or small- should start before any program or device is deployed by implementing a cyber security strategy which includes people, process, as well as technology for assessing cyber threats/risks. Training users on how they can protect their own devices against cyber attacks is also important because it's not just