What is Ransomware?

What is Ransomware?

Welcome to “Ask Deb from QA,” a new column from MxD.


Deb from QA — with decades of experience on the factory floor — will answer your questions to demystify and explain the digital manufacturing industry.


Please submit your questions to debfromqa@mxdusa.org



Dear Deb from QA: What is ransomeware?


Ransomware is absolutely as bad as it sounds. 

It’s malicious software — or malware — that can bring a factory floor to a halt and paralyze every computer in the place. In a ransomware attack, criminals demand money in exchange for ending the attack and letting go of the data or computers they are holding hostage.

You may be familiar with the sinister-sounding names of recent ransomware: WannaCry, Locky, and Bad Rabbit, to name a few.  

Like all of the cyber threats you are hearing about, ransomware is not something to ignore. In fact, last year, the number of reported ransomware attacks on manufacturing targets more than tripled compared to 2019. That’s according to a report from Dragos, which is an industrial cybersecurity company that has done webinars on the topic with my friends at MxD with other partners like SideChannel. Here’s a link to one that I watched recently (more on that in a bit). 

Ransomware basically acts like your garden-variety kidnapper; the attackers even send a ransom note. Once the malware is in your network — informational or operational —  it encrypts all the data, changing folks’ credentials and holding everything hostage until the tech team figures out a way to restore the network or someone hands over the bitcoin ransom the criminal masterminds are demanding. 

We aren’t talking peanuts here folks.

Sophos issued a report last year saying the average cost of a ransomware attack for the companies that paid the ransom was nearly $1.4 million. Those that didn’t pay up and restored their networks with backups or some other way had costs of nearly $730,000. One estimate I saw said damage from ransomware attacks could hit $20 billion this year. 

How does it get in? Well, you’d think we’d know better by now, but some folks are still clicking hinky links or opening those phishing emails the IT team is always warning us to report and delete. 

That puts crucial production systems at risk, not to mention the systems I care most about, like payroll.  

And this isn’t the movies. So Tom Cruise isn’t going to be able to sprint across the shop floor and halt all this with a tenth of a second to spare. Once the ransomware is in, it’s in.

It’s risky business to think any shop is too small for these criminals to bother with. That same Sophos report showed how smaller companies are nearly as likely to get hit as the big guys. 

During the MxD-Dragos-SideChannel webinar, SideChannel Cofounder Brian Haugli talks about how these ransomware criminals take a shotgun approach. Your factory may not even be directly targeted. 

But your digital link to the bigger fish in the supply chain means you could get hit as collateral damage and have, as Dragos’ Principal Cyber Risk Adviser Jason Christopher said, “the worst day imaginable.”

So pay attention, folks. “We have a hostage situation!” is not something you ever want to hear anywhere. And that goes double for the factory floor.

Assuring quality,
Deb



Check out the last Ask Deb here:
What is Generative Design?



Deb from QA wants to hear your questions. Send ‘em to debfromqa@mxdusa.org and she’ll answer as soon she’s done with her shift. You can find the full ransomware webinar (and all of MxD’s previous webinars) in the webinar library.