Privacy policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content.
You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Managing your cookies

Our website uses cookies. You have full control over what you want to activate. You can accept the cookies by clicking on the “Accept all cookies” button or customize your choices by selecting the cookies you want to activate. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button.

Necessary cookies

These are essential for the user navigation and allow to give access to certain functionalities such as secured zones accesses. Without these cookies, it won’t be possible to provide the service.
Matomo on premise

Marketing cookies

These cookies are used to deliver advertisements more relevant for you, limit the number of times you see an advertisement; help measure the effectiveness of the advertising campaign; and understand people’s behavior after they view an advertisement.
Adobe Privacy policy | Marketo Privacy Policy | MRP Privacy Policy | AccountInsight Privacy Policy | Triblio Privacy Policy

Social media cookies

These cookies are used to measure the effectiveness of social media campaigns.
LinkedIn Policy

Our website uses cookies to give you the most optimal experience online by: measuring our audience, understanding how our webpages are viewed and improving consequently the way our website works, providing you with relevant and personalized marketing content. You can also decline all non-necessary cookies by clicking on the “Decline all cookies” button. Please find more information on our use of cookies and how to withdraw at any time your consent on our privacy policy.

Skip to main content

Digital security in manufacturing – coping with ransomware

By Vieri Tenuta, IT/OT and IoT Digital Security Offerings Manager, and Marc Llanes, Cybersecurity Global Business Development, Atos

The challenge

The manufacturing industry is particularly vulnerable to ransomware attacks because their technologies and operating systems are often legacy and do not lend themselves to security patches or updates.
“Ransomware is often misunderstood,” suggests Vieri Tenuta, IT/OT and IoT Digital Security Offerings Manager at Atos, “it’s highly prolific, easily developed and operates well in a low-tech environment as it exploits vulnerabilities in legacy systems that have no in-built security and relies heavily on social engineering. Up until recently, manufacturers found a level of security through obscurity as their systems were isolated but now that they are increasingly connected, there is a real issue.”

The risk

A malware attack can bring a manufacturer to a halt and prevent business from resuming. It is extremely hard to recover from an attack. In many cases the road to recovery – without any back-up in place – is almost impossible. You cannot break an encryption and often attackers can change encryption keys once an attack has been executed and re-attack.
Many organizations will pay the money immediately to recover. “I know manufacturers who have refused to pay, and their business has been disrupted, sometimes up to a year. It’s an extremely hard road.” says Tenuta.
The situation will be further complicated by new regulations surrounding cryptocurrencies. It is likely that the EU and US will look to ban crypto anonymity to prevent the funding of criminal activity through payment of ransoms. Although any movement to prevent ransomware is welcomed, further thought is required on practical support to organizations targeted rather than simply criminalizing organizations who feel they need to pay to resume operations.

Atos approach

Atos adopts an approach to security that covers people, processes, and solutions.

People:

to reduce ransomware attacks requires all employees to understand what an attack might look like and to take steps to protect and alert against threats. This is a strong defense against ransomware.

Processes:

a risk assessment and adequate data classification is required for an organization to understand how they would manage a ransomware attack. The cost/risk analysis of paying vs not paying must
be played out and scenario planning for every eventuality should be in place.

Solutions:

managed detection and response are needed. Utilizing tools and people, particularly AI, that can monitor user behavior and identify attacks before they take hold is vital.

Share this Page

By Vieri Tenuta, IT/OT and IoT Digital Security Offerings Manager, and Marc Llanes, Cybersecurity Global Business Development, Atos

Email Vieri about this article

Email Marc Llanes about this article