As fans of the TV drama Scandal will know, the first mistake that people make in a crisis is not knowing they’re in one. While there is only so much preventative action a company can take to defend itself against a cyberattack, taking the time to prepare is something that many businesses neglect. Here, Jonathan Wilkins, director of industrial automation parts supplier EU Automation, explains why it takes courage to take these first steps, and why it may make all the difference.
Whether it’s five steps, eight steps or ten steps, most experts will tell you that successfully planning against a cyberattack, particularly in industry, requires business leaders to take action around four core areas: your external environment, your internal environment, your valuable asset — such as your data or your production capacity — and finally, your people.
External environment
Your external environment is all about understanding your enemy. Knowing the exploits hackers are using to compromise systems, the sectors that are being targeted, the types of attacks that are being used; knowing and understanding this will let you know where you stand.
Internal environment
The second, is your internal environment. This is about putting in measures to prevent, detect and respond. Installing the latest hardware and software, the latest updates and security patches, and then using antimalware programmes and firewalls to deliver ongoing monitoring.
In some cases, companies are using artificial intelligence to train their network to build its own virtual immune system, so that it can detect even minor changes in traffic on the network and respond to immediately curtail or shut down the precursors to a future attack.
Protect the asset
The third, is protecting your assets, most commonly your data, from being compromised. This might mean using encryption, or a secure facility, or even managing user access.
Your people
The fourth is your people. Instilling a culture of security in the organisation is perhaps one of the most difficult parts of the puzzle. Ensuring that everyone understands the risks, and actively works to mitigate them is vital from a people perspective.
But what about courage?
However, is there a fifth ingredient? I would argue that courage is the essential step that brings together all these disparate factors into a finished plan that is greater than the sum of its parts.
It takes courage not to turn a blind eye when other businesses are being attacked in your sector. It takes courage to make the difficult investment decisions that will bolster your physical security. It takes courage to protect your data at the potential cost of productivity. It takes courage to get buy-in from your entire workforce for an attack that may never materialise.
No amount of planning, however, will ever mitigate the risk of a cyberattack, and so it also takes courage to recover after an attack that cripples the business. This is exactly what one industrial business did when it was attacked earlier this year.
In March 2019, aluminium manufacturer Norsk Hydro, based in Oslo, Norway, became the victim of a global cyberattack that has cost the company $52m. It was so bad that many of the company’s plants had to resort to using pen and paper. Some 35,000 staff in 170 plants around the world were left reeling when the cyberattack brought production to a halt.
The company had to shut down around 22,000 PCs across 40 countries when it became the victim of LockerGoga, a relative of the equally devastating WannaCry ransomware virus.
The company refused to pay the ransom and decided to rebuild operations from the ground up. It brought in long-since retired employees to manually recode the production machines using the original printed paper manuals. What’s heartening is that staff rallied around the cause, with sales people volunteering to work shifts on the production floor and staff from the accounting team making sandwiches during troubling times.
While this is a rare example of a business that was affected on such a large scale, the lesson for others is that taking the first few steps to preparing for an attack can make all the difference as to whether the business will survive. So, take that courageous step today.