Page 92 - Food&Drink Magazine November-December 2021
TRENDS & TECHNOLOGY
The inside track on cyber-attack
The heart-stopping moment a company CEO is told the business has been hacked with a ransomware demand was shared by packaging industry professionals at the second event in the APPMA Digital Lunchtime Series, held in September.
Deloitte’s head of cyber risk David Owen gave a presentation on how cyber-attacks happen, what can be done to prevent them, and how best to deal with the aftermath.
The ensuing panel session had Rosanne Jessop, CEO of Pilz Australia, Mark Dingley, CEO of Matthews, and Jamie Rossato, information security director at Lion, discuss their experiences with Owen, and take questions from the audience.
The presentation highlighted the need for all businesses, large and small, to take constant proactive steps to manage their cyber security. It was evident, through the candid revelations of the panel, that it is fairly easy for any business to fall behind in its online security, which can lead to devastating consequences.
Mark Dingley recounted answering a 6am Friday morning phone call to be told Matthews had been compromised, and the ensuing intense operation over the following days to fend off the attack, rescue the company’s data, and get back online.
Rosanne Jessop told of the moment her overseas head office simply shut down all communication channels following an attack, leaving the Australia business with no access to any office documents or emails, and no way of telling its customers or its employees that it was out of action, while HQ attempted to sort out its problems.
Jamie Rossato said all businesses need to be prepared for a cyber-attack. He asked the audience, “Do you know who to call if you are having a ransomware or DDOS attack? Do you have an alternative comms structure set up so you can let people know what is happening? Do you know what your active directory is and how to protect it? Do you have a plan?”
He said that ransomware was successful when it was able to compromise all the back-up files, so having ring-fenced back-up was essential. He added that backing up gave an operational dividend, as well as ensuring that the business would be able to function under attack, and said IT security should not be something that is done when there is a “bit of spare time” but should be factored into the operation.
Giving an idea of the scale of the problem, Owen said Deloitte has a department of 400 dealing with cyber-attacks for its clients. He said that since 2016, and especially since Covid, ransomware attacks have risen exponentially, and that ransomware was the biggest issue in cyber right now. He said the advent of working from home in Covid had significantly weakened the defences of most businesses.
Owen went through a typical timeline of a ransomware attack, which generally starts four or five weeks before the company knows anything about it, while the malware works its way through the system, destroying alarms and back-ups, and corralling the data. Around day 35 is the first a business knows, and by then there is little they may be able to do.
Ransomware enters through stolen or guessed passwords, through USB sticks, through phishing emails, and through vulnerable parts of the system. Emails fail, restoration fails. Owen said it is at this point that businesses typically realise their network diagrams are out of date and their system logging does not work, and it is not long after this that key people become saturated and stressed.
Owen then took the audience through the dynamics of a ransomware attack, from the first stage of initial access, through to consolidation, and then on to the impact.
He said, “Assumptions are often the biggest challenge. People assume their systems are secure for numerous reasons, when they may not be. They assume their data is getting backed up, when it may not be, or may be getting backed up to somewhere that can also be destroyed.”
Owen said the advent of Industry 4.0 and Smart Factories, while great news for manufacturers, was also problematic for cyber security, as they are open to risk. He said it is important for businesses to understand their weak spots, and to segment where possible so that an attack on one area would not lead to wholesale closure. That weak spot may be something as simple as the CCTV around the factory. In regard to DDOS attacks, where a server is flooded, he said software is available to throttle unexpectedly high levels of traffic.
This session is available on podcast and video; visit appma.com.au to find out more. The full length report from the session is also available on packagingnews.com.au ■