Ransomware targeting manufacturing industry is rising, security experts fear far worse consequences than simple computer infection.
Since ransomware has proven to be a profitable trade, hackers have recently turned their attacks on production lines. For now, it seems to be mainly trial-and-error attempts, trying to learn the Materia more than anything else. however, cybersecurity experts estimate that the number of attacks will be rising, to be as bad as the attacks on the financial sector. Moreover, cybersecurity representatives debate on the dangerous possibilities that could emerge given the complex systems and mechanisms that are directly and indirectly affected by these computer.
Attacking the Car Industry
In the first few months of 2017 the number of all ransomware attacks including finance, health and manufacturing industry has increased by a staggering 250% compared to last year. More surprising is the fact that hackers have now turned to exploit weaknesses of factories around the world, bringing entire production lines to a halt. The manufacturing sector includes automotive, textile, pharmaceutical and electronical industry. According to IBM X-Force research the most affected was the automotive sector with a 33% share of all attacks.
The most prominent example is AW North Carolina that lost $270,000 for each hour their production line did not dispatch the parts for Toyota factories around Northern America. John Peterson, the plant’s information technology manager said: “These people who try to hack into your network know you have a set schedule. And they know hours are meaningful to what you’re doing. So if we don’t make our product in time, that means Toyota doesn’t make their product in time, which means they don’t have a car to sell on the lot that next day.” The great auto industries are not immune to the attacks either, carmaker plants like Renault, Honda and Nissan had to stop the production line for similar reasons.
Intellectual Property and New Ransomware
The reason of cyberattacks has been mostly the intellectual property. According to FBI reports $400 billion worth of intellectual property has been stolen from the USA via cyberattacks. Implementing ransomware in some of the industries is fairly easy according to Cisco research, given the human factor involved and lack of ongoing security updates in their entire network of PCs and computerized systems. Honda has reported that this way 2,200 computers in their company were infected. Therefore, for the online culprits a hole in security network and an employee is all they need to breach the wall of secrets. The Trojan horses to win the battle were so far WannaCry, Petya, NotPetya. Security researchers at Proofpoint (a cybersecurity company), have discovered a new type of ransomware. Noticed on August 15th this year, it has been named Defray. As the researchers point out observing the behavior patterns it attacks two sectors:
- Healthcare and education organizations
- Manufacturing and technology.
This new form of ransomware arrives as a Microsoft Word document, inviting the user to open a document. The file contains an executable file, which once installed locks down (encrypts) the entire information on the computer and demands $5000 in bitcoins as ransom, to be released. Defray has been spreading through email attachment targeting manufacturing industry associated emails in UK and US.
ShieldApps Software Innovations portfolio includes a software designed to detect and block ransomware prior to any damage – Ransomware Defender. Ransomware Defender stands guard 24/7 to detect infection attempts on a computer system, and works alongside other antiviruses and anti-malware software without any technical issues. Ransomware Defender will actively deep scan an entire computer’s file system, both high level and low level folders for any threat. With over 130,000 protected users, Ransomware Defender has been the most downloaded anti-ransom software in 2017.
Hackers are breaching the security networks where they find a vulnerability that can be bypassed. Their sole purpose is extracting money, by ransom or by selling companies intellectual property. Cisco reports that 28% of the generated revenue has been lost in the manufacturing industry due to the attacks. Some companies are admitting they are not prepared for the attacks, due to lack of trained personnel. The wakening call may have just started, and something has to be done to at least diminish the number of the attacks.