June 3rd, 2021
Held For Ransom
It is the peak of the busy season, and your production crew is only half through the daily production quota of 1,200 windows. All of the sudden, your glass cutter stops. The glass line supervisor calls the maintenance manager who is already tied up trying to figure out why the four-point welder has suddenly gone down. Then the sound of the CNC corner cleaner stops.
The silence is deadening.
Your factory has just experienced a ransomware attack.
Ransomware is a form of malware that encrypts a company’s computer files. The attacker then demands a ransom to restore access to the data upon payment.
Users are given instructions for how to pay a ransom to get decryption keys. The costs are usually in the thousands, payable to the cybercriminals in Bitcoin. The criminals behind the attack usually set the fee as high as they can, yet “reasonable” enough, making it more likely that the company being victimized will just pay it in order to get back to business. Afterall, delayed shipments could cost enormous loss of business as customers are lost to competitors.
Last month, one of the nation’s largest pipelines, which carries refined gasoline and jet fuel from Texas up the East Coast to New York, was forced to shut down after being hit by ransomware in a clear demonstration of the vulnerability of our nation’s infrastructure to cyberattacks. As a result of this attack, some of my customers on the east coast experienced delays in both receiving components as well as shipping finished product since many truckers simply could not find fuel.
At the same time that news was coming out about this event, I was watching a movie with my son, Live Free or Die Hard,starring two of my favorite actors: Bruce Willis and Timothy Olyphant. If you have never seen this movie, check it out. It will help you visualize the mayhem that could result if a cyber-terrorist (played by Olyphant) were to hack into the computers that control the infrastructure of a major city like Washington, DC. Bruce Willis saves the day, of course, as he always does, but not before an entire city is turned upside down by major disruptions in transportation, communication, the financial markets and even the power grid!
There is an increasing trend in the fenestration industry to invest in automated equipment. Such equipment helps to maximize efficiency and minimize dependency on labor. Furthermore, since glass and window fabrication machinery is being controlled by computers, it opens up even greater opportunities to streamline all aspects of the company’s infrastructure by investing in software designed to integrate ERP with automated machinery on the shop floor.
This is great for streamlining the whole manufacturing process, including order entry, resource management, inventory control, production scheduling and even automated equipment operation. But what if this computerized system is hijacked? Do you just pay up and go on with business? According to research from Trend Micro, 66% of companies say they would never pay a ransom as a point of principle. However, in reality about 65% actually do pay the ransom when they get hit. So, why not just spend that money ahead of time to prevent such an attack?
That is what the field of cybersecurity is designed to do. According to Cisco, cybersecurity is defined as the practice of protecting systems, networks and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing or destroying sensitive information, extorting money from users or interrupting normal business processes. Because of the risks involved in such disruptions, it is no wonder that the field of cybersecurity is one of the fastest growing career fields. According to the U.S. Bureau of Labor Statistics’ Information Security Analyst’s Outlook, cybersecurity jobs will outpace the national average for all other job growth by nearly 800% through 2029.
I will be doing some research on what is offered to the fenestration industry in the way of cybersecurity and report back in a future blog, but in the meantime, watch the movie and you will see who really saves the day. Bruce Willis is tough as nails—he provides his usual amount of muscle and firepower. But keep your eye on a character called Farrell, played by Justin Long. Then you will realize that it takes a hacker to outsmart a hacker!