 You're listening to Unpacked with PMMI, where we share the latest packaging and processing industry insights, research, and innovations to help you advance your business. Hi, I'm Sean Reilly, and welcome to another edition of Unpacked with PMMI. With good portions of the world locked down for the better part of a year, more people relied on the internet than at any time probably ever. Our networks literally became our network. It included our friends, it included our family, and it included our business. Unfortunately, bad actors saw this as an opportunity right for the picking. Cyber attacks increased, phishing, spam, and malware all grew exponentially. Today, we bring back friend of the pod and president of DDR Communications, Donna Ritzen. Donna gives us the lowdown on the specific strategies that cyber criminals employ and ways we can secure our networks and combat attacks on our IT and OT systems to ensure our businesses remain up and running effectively. With all the fancy introductions out of the way, welcome back to the podcast, Donna. Thanks, Sean. It's great to be here with you again. Yeah, this is, I think, our third Reilly and Ritzen production. I think so. Yeah, this is getting to be a thing we might have to branch out and do our own. All right. So, where we are right now, interestingly enough, we're talking cybersecurity and this was just mainstream news with the gas pipeline where a cyber attack actually shut down an entire gas pipeline. So this is the ripe time for us to be covering such an issue. So I guess, first of all, could you kind of briefly explain what is a cyber attack and how are manufacturers being targeted? Absolutely, Sean, and you're right. This is in our news consistently. Cyber attacks can really be broadly defined into two categories. IT attacks, which attack the enterprise systems like the enterprise resource planning systems or email or HR, CRN programs are attacked. And the other is OT attacks, the operational technology part of the business. And that happens on the plant floor, like PLCs or SCADA systems, HMI portals or smart sensors, those would be the things that would be targeted. It's interesting that you say you've kind of summarized it perfectly, all the different ways because we've actually anecdotally talked to some companies in manufacturing, whether for the podcast or other things I do, and they kind of put everything on the same network and finally gotten on board with IT and OT sort of working together, but then didn't even realize that they're all sharing the same internet that the person in the office is using the same internet as the manufacturing machines, which obviously isn't necessarily a good idea to have that open to everybody like that, and that can lead to some of these problems. I think people don't realize just how deep all the connections can go. So that was a great way of kind of summarizing that email can affect sensors and PLCs and things like that. So I guess beyond the, we mentioned the gas line, but what are some ways in which manufacturers are being targeted? Can you talk about some of the specific strategies that cyber criminals are deploying? Absolutely, and there's numerous ways that this is happening that bad actors can actually penetrate a manufacturing system. So one of the most common, and we see this in our personal lives as well, it's called phishing. It's not a word we're unfamiliar with, but what happens is it appears to be a legitimate email. They're trying to trick the person at the other end by clicking on a compromised link that would reveal any sensitive data or information. And if it's really highly targeted at a specific person, which sometimes it is, or a particular job function, then it's called spear phishing, obviously more targeted than phishing. But another common attack that is happening out there is a trojan where mailware actually masquerades as if it's coming from a trusted source. We've seen this even in our personal lives, where some of the companies we do business with, it appears like it's coming from Amazon or UPS, but it's really not. And that's the same in the manufacturing sector. It could be coming from a trusted supplier, but it's actually a cryptid email coming from a cyber criminal. In another attack, a distributed denial of service attack is where it's really a coordinated IT attack and it's designed to crash websites, disrupt email, and even compromise some of the IIoT devices. But one of the most troubling, and I think one of the ones that we're hearing most in the news is ransomware attacks. Yeah. I've heard this, like you said, it's in the news all the time now. And I think it's affecting most industries. Ransomware just seems to be something that people don't even have really a way around it once it happens. Once it happens, you're kind of at the mercy of the people that are requiring the ransom. Could you speak a little more about what this threat really means for manufacturers? Certainly. And ransomware, it does seem like you're at their mercy. And if you haven't protected your systems or really understood what to look for, yes, then you are at their mercy. And it's really where they come in and they shut down your operations by locking out access to your critical data until that ransom is paid. And keep in mind that ransomware really can affect both IT and OT parts of the business. And ransomware is an increasing threat. And cybercriminals are particularly targeting the manufacturing industry right now. It's where they know they can have the biggest impact because uptime and productivity are so crucial. And I don't want to throw a lot of statistics out here, but it is pretty alarming to understand just how significantly manufacturing is under attack. It increased just last year over 150%. So putting that in perspective, we really understand the urgency that manufacturers are under to really create and minimize their risk. And you talked about separating networks. And that certainly is a place to start. We touched on the gas one that's obviously a pretty big deal that was in the news. And so I don't think that's something even I would have thought of it would fall under something that would fall victim to something like ransomware. So who was at risk for a cyber attack in manufacturing? Who in particular? Well, it's really just about everyone, Sean. Anyone that's making a product, managing a digital network, producing an output of any sort. That includes brand owners, OEMs, contractors into this industry, suppliers in manufacturing. It could be anything from food to heavy machinery. We've heard the pipeline even can really fall victim to cyber attacks. And there are service providers, even such as cloud network managers that can be attacked. We've heard of some of our own government systems being attacked. Even small businesses are targets. And again, just last year, about a fourth of all the cyber attacks in manufacturing were in small operations. So particularly vulnerable operations are those that are highly integrated, connected with extensive networks, just as you mentioned, having them connected and not separate, which makes it possible for the cyber criminal to really access that network and many of the files, and if they can get in from a single point of entry, that's the vulnerability that they're looking for. So literally every single connection at an operation or a manufacturing facility is considered a potential threat. And is it especially important for companies to have that comprehensive cyber security plan in place? It's really the first step and it's critical. So speaking of cyber security plans, what can manufacturers do to protect themselves from these attacks? Are there strategies that they can kind of lay out ahead of time to reduce the risks? Yes, there are absolutely steps that manufacturers can take. And every manufacturing site obviously is going to be different. But really to begin to proactively guard themselves against cyber threats. One of the most important is training employees to really teach employees, what to look for, particularly in phishing emails is one of the first lines that come in. But also make sure that the employees understand that they're the first line of defense and really repeat this message regularly so that they understand their importance in helping establish a clear guideline and helping them understand how to adhere to that guideline and giving them a way to report any potential threats that they might encounter. And next really is that risk assessment to understand where your vulnerabilities are. How is data being collected? Where is it being collected from? How is it being stored? Where is it being stored? Who has maybe access to that data? And are there any external connections that need to be paid attention to and brought into the vulnerability assessment? And then really it's important to assign a team to designate a leader. When we interviewed companies for this white paper, there were companies that were already establishing these lines of commands. Make sure that there's a department that's responsible for cyber security. And one of the most important things we heard is give them a budget to do it. And then really last is looking for that cyber security third partner, an expert who can really help manufacturers through the process of where their vulnerabilities, looking at their assessment, training their employees and really helping them build some long term security goals. Very interesting. You kind of referenced some numbers and they were from the beginning of 2020 which would include kind of when the pandemic started to spread around the world and become much more of an issue, particularly here in the US and North America. I have to think, has the COVID-19 pandemic altered the cyber security equation for manufacturers? It definitely has, Sean. And it's been very quick because we know when the pandemic hit, the majority of people were sent home to work remotely. So the pandemic drastically expanded that pool of remote workers. And again, the majority of the companies that we interviewed said that they really had to scramble to get those remote workers safe access to their networks. And I think some of that started the process of looking at networks in general like you had mentioned earlier and creating some separate networks internally at manufacturing. And it really, the whole pandemic has created a new set of security challenges for manufacturing. So without giving away too much because we have you on here because you put together this wonderful white paper on cyber security accessing your risk and I'll let people know later where we can get ahold of that. We don't want to come on here and read the whole white paper to people. I guess what are some key takeaways from this white paper? Well, there's a couple of things. Certainly cyber security takes vigilance and it takes cooperation across the entire manufacturing, both IT and OT operations because we know cyber security criminals, they're constantly changing their strategies. So as we change our strategies to protect ourselves, it's requiring really diligent monitoring and updating of best practices. And then again, really ensure that all departments and all your employees are on board with what that cyber plan is and be sure again, I reiterate this, make sure that your employees know how critical they are in preventing an attack. Oftentimes that first entry might be through a phishing email or a targeted piece of malware that they think is coming from a secure location. And in conclusion, really, it takes the entire industry working together. We need to share the knowledge with our cyber security experts out there to really create a comprehensive plan and maybe set some of the standards that can lead to a more improved security across all manufacturing sites. Sean, it's definitely something that is escalating in our world and making preventive actions is really going to put manufacturers in the best situation. Wow, it just feels like such a moving target that's constantly changing and there's so much more to learn about how to understand the impact of cyber criminals and how to put these best practices that you've outlined really well for us in place to secure your operations. You can definitely read more about this in PMMI's White Paper, which we encourage you to download the White Paper, Cyber Security Access your Risk, at PMMI.org backslash research. I can't thank you enough for coming on here, Donna, and sort of giving us the lay of the land on what people can expect from this White Paper and some key takeaways that people can use to sort of secure their manufacturing operations. Thanks, Sean. It's been my pleasure. It's certainly a topic that is top of mind. Please rate, review, and subscribe. To do that, go to the iTunes podcast or Spotify app on your phone and search for Unpacked with PMMI.