Malware (including Ransomware, APT, Virus, ...) protection

Malware is a broad term that describes a computer program (software) that was intentionally developed to cause damage to a computer system, mainly with the intention in financial gains - but more frequently to cause business interruptions, being held hostage or to simply steal information. 

For over two decades malwares have existed, specifically written to exploit vulnerabilities in computer systems, that can be used for personal gains. It is a form of cybercrime to use them, to break into someone else system. In most countries in the world, it is not a crime to develop malware - only to exploit it against someone else. 

Malwares exist in many different forms. What used to be viruses, that were sent generally via email in the past, have transformed into specifically engineered pieces of software for specific purposes - the most infamous one today being Stuxnet. For viruses, security software and firewalls have been equipped to detect them and quarantaine them before they can even be seen by the destination email address. But through phising attacks (emails with a malicious hyperlink - URL) or man in the middle attacks (website that have been compromised and redirect traffic) users are still being exposed to malware. 

Malware can also enter by means of USB-sticks, pieces of software that don't belong on an industrial control systems or manufacturing system (games, apps, ...) which can sometimes contain malware of pieces of them. 

Ransomware is a form of malware that typically starts encrypting data, once it has been activated. To decrypt a ransom has to be paid. Ransomware can be avoided by 1) frequently upgrading the underlying software to avoid exploitation of vulnerabilities, 2) isolating the industrial systems from office and other types of systems, 3) restricting access to the systems by means of physical and logical limitations.

APTs (Advanced Persistent Threats) usually are a combination of multiple attacks and threats, intended towards a specific target. APT's will combine the detection of vulnerabilities with the exploitation of malware and ransomware. APT's are typically being coordinated by nation state actors or organized crime. 

Digital Manufacturing Platforms should be concerned about the abuse of their platforms by malicious users, and should prevent by all means available man in the middle attacks or similar attacks where redirects of the platform end up on the download of malwares. By running the Digital Manufacturing Platforms in the cloud, additional security measures can be put in place specifically monitoring the activities of specific containers for unexpected calls or actions. Manufacturing companies should further give notice to the continuous protection of end point devices and active monitoring of network traffic on top of the detection of malicious activities. 

 

No additional information available