A few years ago, manufacturers were thought to be low-value targets for cyber criminals, and not many saw the need to purchase cyber insurance. “Traditionally, manufacturing companies are largely unregulated, and executives are often quick to say that they have nothing the bad guys would want,” explains Kevin Beaver, independent information security consultant with Atlanta-based Principle Logic and author of Hacking For Dummies.
But times have changed. The security company Dragos is reporting that publicly known ransomware attacks against the manufacturing sector have tripled in the last year.
According to a blog at ZDNet, hackers targeting factories are looking beyond the typical IT systems that are ubiquitous in any business, and going after industrial control systems (ICS).
Because manufacturers typically cannot tolerate long periods of downtown, they are particularly vulnerable to attacks and likely to pay ransoms.
And producers of physical products face other danger: Hackers could be using ransomware as a diversion to launch additional nefarious actions within the network, such as stealing intellectual property or other sensitive data.
“The good news is that most ransomware infections can be prevented,” adds Beaver, “by simply addressing the basics of security: ensuring patches are current, running proven malware protection, and training users on what to do – and not do – on their computers.”
Employees falling victim to phishing schemes is a leading entry point for ransomware and other attacks. All INSUREtrust policyholders are eligible for free services to shore up their security posture. Learn more about our ASSUREtrust services here.