The following is an opinion article composed by Lior Frenkel, CEO, Waterfall Security Solutions.
When the WannaCry ransomware attack on May 12 halted or reduced production at five Renault factories around the world, and shut down Nissan’s huge Sunderland plant, the car manufacturing conglomerate learned the hard way about the importance of cyber-security. Renault-Nissan unplugged from the internet any sites that had reported infection by the malicious code, intentionally taking those operations offline, which interrupted production for hours or days.
The criminals behind the attack reportedly managed to lock-up about 200,000 computers world-wide. The WannaCry debacle is just the latest ransomware variant responsible for creating havoc at countless organisations, including critical infrastructure such as great swathes of the UK’s National Health Service. The number of manufacturers affected has not yet been collated [at time of writing], but the impact on Renault-Nissan is certainly significant.
The cybersecurity advice most probably followed by all those organisations affected was to use firewalls to keep their networks safe, and always to install the latest security updates. As is now clear, not everyone has always managed to follow this advice with sufficient alacrity. The attack came almost exactly two months after Microsoft issued its update-fix for the ‘EternalBlue’ vulnerabilities that WannaCry exploited. Frankly, 60 days are insufficient to install and verify the patch, test it, approve the changes, and update every device in every site, factory, and hospital at all operational production sites.
Even if it were, are those firms that did update their systems correctly rendered effectively invulnerable to similar future attacks? Of course not. The latest patch might have closed one security hole in one type of system, but it was only one of thousands of security issues embedded in hundreds of discrete systems.
Happily for manufacturers, a straightforward fix exists which should protect Industrial Control Systems from any and all internet-transmitted cyber infections. Our firm partners with international insurance brokers THB and Lloyd’s underwriters to provide industrial businesses around the world with comprehensive cyber security. We have simple advice for manufacturing operations: install a unidirectional security gateway. Many critical industrial sites have already done so, and WannaCry couldn’t touch them.
Unidirectional security gateway technology makes industrial sites inaccessible via the external networks that monitor them, or through the cloud services with which they share data. This protective measure effectively immunises the network to this class of malware, and indeed to all fast-spreading worms, and lets companies use their critical networks without risk of ransom or other infection. It creates a physical barrier to the propagation of malicious code and other online attacks back into the networks. One layer of gateways is the minimum that is needed to protect the control network.
Time is of the essence. As WannaCry showed so clearly, unprotected companies are in danger, even if they believe they are unlikely to be targeted. Worms are indiscriminate. Worse, the success of the recent attack almost certainly means that the ransomware threat will quickly become even greater. Its relative success – from the point of view of the hacker-extortionists – has shown organised criminals that they can make so much money through ransomware that they can afford to buy the skills to identify and exploit other vulnerabilities. By the end of 2017, the bad guys will not have to wait for an intelligence agency to leak the next batch of vulnerabilities. Rather, they will be digging up their own.
The time has come for all critical infrastructure providers to raise the security bar against cyber criminals. The sooner all critical networks are protected by unidirectional security gateway technology, the better and safer manufacturing companies will be.
The preceding article was an opinion article composed by Lior Frenkel, CEO, Waterfall Security Solutions. The views expressed within the article are not necessarily those of Insurance Business.
Turning cyber chaos into broker opportunity
Lockton cyber head: Brokers “being pushed into a more advisory role”