Protecting IoT devices from ransomware attacks

From industrial robots in processing plants to connected security systems, the Internet of Things (IoT) is reshaping manufacturing. Manufacturers now have access to data from a range of network-connected devices, which they can use to make business decisions, improve operations and reduce downtime.

According to Gartner, there will be 20.4 billion connected devices in use by the end of 2020 and businesses will account for at least eight billion of these. However, without the necessary security in place, each device represents a potential entry point for malicious cyberattacks.

According to Cybersecurity Ventures’ 2019 Official Annual Cybercrime Report, for instance, a business falls victim to a ransomware attack every 14 seconds.

The manufacturing industry has become a popular target for ransomware ― malicious software that blocks the user’s access to a computer system or device until a sum of money has been paid. High-profile victims include Nissan, Renault and C.E. Niehoff.

Manufacturers feel the true cost of these attacks when production lines come to a halt, and many firms pay out of desperation. In 2019, global aluminium producer Norsk Hydro suffered a ransomware attack that hit 22,000 of its computer systems in over 40 countries. It was estimated that the total recovery cost Norsk Hydro £45m.

Encrypting ransomware, also known as cryptoware, is the most common type. It finds and encrypts valuable data stored on computer systems. For manufacturers, this could include data obtained from operational technology such as pumps, compressors and motors. An attack could also affect valuable customer data, which could lead to serious data breaches if released. Katyusha, for instance, is an encryption trojan that threatens to distribute data for public download if its demands are not met.

While manufacturer’s valuable data will typically be stored in the cloud rather than on the connected device, ransomware attackers can also lock your devices. They could use these physical assets to wreak havoc on a production process until you pay. So, what can manufacturers do to defend themselves?

Although there’s no silver bullet for ransomware attacks, you can take certain steps to avoid security breaches in your IoT system. First, if you use smart devices you should remotely upgrade their firmware as insecure update channels can allow the device to become infected more easily. You can also eliminate malware entry points by encrypting the communication channels that connect your devices.

Manufacturers should protect their IoT systems by having strategies in place to identify infections early on. For example, Proteus Disaster Resilience is designed specifically for operational technology environments and includes algorithms that identify when an infection has entered the network of devices. These can be retrofitted and incorporated into existing systems, so manufacturers can also protect legacy systems.

You should also regularly back up your system and introduce redundancy provisions by storing your data locally and securely away from the site.

Ransomware attacks a business every 14 seconds. Don’t let the next attack be on yours.