Engineering and manufacturing businesses have been issued a warning by cyber experts at the North East Business Resilience Centre (NEBRC), a non-profit, police-led organization. The warning comes following a trend in ransomware attacks within the supply chain of engineering and manufacturing firms.
Businesses are being left at risk from cyber-attacks, with multiple entry points for criminals; however, a recent trend sees threats arriving via compromised supply chains. This is where criminals find vulnerabilities through a supplier, which then leaves any businesses that operate alongside that supplier at risk. Such attacks often have long-lasting consequences.
There are, however, ways to limit the risk of this happening by working closely with your suppliers and tech teams. It is a good idea to regularly check for weaknesses and perform additional checks should a threat be suspected within your supply chain. It’s not just employee, business and customer data at risk. There is a very real threat to your business’ finances too, whether this comes directly from the attack or in the potential fines and compensation payments which follow a breach. Additionally, attacks can tarnish a brand’s reputation, affecting business performance for years to come.
Preventing attacks and reducing vulnerabilities is key, and businesses should act fast if they suspect their supply chain has been compromised. One of the best ways to spot holes in your security is to conduct a vulnerability assessment. This involves scanning and reviewing business systems to search for weaknesses such as poorly maintained or configured systems, limited access controls and easy access to sensitive data. It simulates the approach a criminal would take to infiltrate your systems and should include an easy-to-understand report explaining the results. It’s important to include definitions of the weaknesses found and the associated risks, plus plans and guidance on how to fix and minimize those risks, taking into account the different stakeholders and their levels of cyber and technical knowledge.
What Does a Successful Vulnerability Assessment Involve?
Recently, NEBRC’s student ethical hackers, under the supervision of industry professionals, supported an undisclosed organization in the engineering and manufacturing industry to manage vulnerabilities. They worked collaboratively with the business’ technology provider to undertake a vulnerability assessment of their server and a review of existing information security policies. The firm was concerned that attacks within their supply chain could reach them and so they wanted to be proactive in their response to prevent further threats from occurring.
The assessment involved checking how the server might be attacked across the internet and looking for any weaknesses present inside the organization's network. It also benchmarked the company’s security policies against the internationally recognized best practices in the ISO27001 series.
While undertaking the assessment, the team found that numerous network ports (the endpoints through which services accept connections) were open on the server, presenting a possible route for ransomware attacks. The policy review suggested improvements to the data backup position, another vital defense in the fight against ransomware: properly configured backups identify the data an organization cannot do without and ensure that data is copied and stored elsewhere.
The firm then worked with its technology provider to close the ports that didn’t need to be open and made changes to its backup solution, meaning that in the event of an attack the company would have readily accessible backups it could revert to. These actions, combined with phishing training delivered virtually, left the engineering firm in a much stronger, more resilient position and less likely to be the victim of a ransomware attack in the future.
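As an added illustration of the "close ports that do not need to be open" step (example code, not NEBRC's or the firm's tooling): a small Python check that parses Linux `ss -tulnH` output, ignores loopback-only listeners, and reports any network-reachable port not on an allow-list agreed with the technology provider. The allow-list and the sample `ss` output below are constructed assumptions.

```python
"""Audit listening ports against the services the business has agreed it
needs, flagging anything else for review and closure. Added example, not
NEBRC's tooling; assumes Linux `ss -tulnH` output. Sample is constructed."""
import re
import subprocess

# Constructed sample of `ss -tulnH` output on a small server.
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:3389       0.0.0.0:*
tcp   LISTEN 0      128        127.0.0.1:5432       0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:445        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:161        0.0.0.0:*
"""
# Services agreed with the technology provider as required (assumed values).
ALLOWED = {("tcp", 22), ("tcp", 443)}
# Loopback-only listeners are not reachable from other hosts.
LOOPBACK_PREFIXES = ("127.", "[::1]")
_LINE = re.compile(r"^(?P<proto>tcp|udp)\s+\S+\s+\d+\s+\d+\s+(?P<local>\S+)\s+\S+")


def parse_listeners(ss_output):
    """Return (proto, address, port) for each listening socket in ss output."""
    listeners = []
    for line in ss_output.splitlines():
        m = _LINE.match(line)
        if m:
            addr, _, port = m.group("local").rpartition(":")
            listeners.append((m.group("proto"), addr, int(port)))
    return listeners


def unexpected_exposure(listeners, allowed=ALLOWED):
    """Network-reachable listeners that are not on the agreed allow-list."""
    return sorted(
        entry for entry in listeners
        if not entry[1].startswith(LOOPBACK_PREFIXES) and (entry[0], entry[2]) not in allowed
    )


def live_audit():
    """Run the same check on this host (Linux with iproute2 installed)."""
    out = subprocess.run(["ss", "-tulnH"], capture_output=True, text=True, check=True).stdout
    return unexpected_exposure(parse_listeners(out))


if __name__ == "__main__":
    for proto, addr, port in unexpected_exposure(parse_listeners(SAMPLE_SS_OUTPUT)):
        print(f"review/close: {proto}/{port} listening on {addr}")
```

Each flagged entry is a candidate for the "is this service actually needed?" conversation with the supplier; anything not needed is closed or bound to loopback, and the allow-list becomes the baseline for the next check.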
Finding Support to Plug Skills Gaps Within Your Business
Often businesses and workers are aware of preventative actions such as password best practices, but few understand that it is usually vulnerabilities that are targeted, not organizations per se. Many don’t know what to do if a compromise is suspected. Cyber security can feel daunting and expensive; however, should a threat infiltrate your business, the cost of recovery is much higher than the cost of proactivity. The Cyber Security Breaches Survey 2023, conducted by the NCSC, found that cybercrime costs businesses on average £15,300 annually per victim. The same research found that in the last 12 months there have been approximately 2.39 million instances of cybercrime and a further 49,000 of fraud, with engineering and manufacturing firms not left untouched. To combat this, there is a network of cyber resilience centers across the UK which keep costs low for engineering firms and plug skills gaps by subsidizing security assessments where possible.