Cybersecurity Prevention Is the Cure
We live in a world where technology is continually changing the way we manage our businesses. Businesses are streamlining operations and staying connected with locations all over the world. Maintenance teams need to keep ahead of this rapid pace to help manage their facilities and maintenance operations more efficiently. Unfortunately, this progress and convenience have also introduced new challenges. Technology lets computing devices interact and transfer data over a network, which has introduced new possibilities for cybersecurity threats. The consequences of a security breach can be significant, and cyberattacks can severely affect an organization’s business operations.
Devices that are connected to a network or have an Internet Protocol (IP) address are all at risk for cyber threats. Ransomware encrypts computer data until victims pay for tools to unlock their data, and it is a big business that is growing. Ransomware is becoming more sophisticated and increasingly popular among criminals because it offers a quick way to make a buck.
What is Cybersecurity?
Cybersecurity is the practice of protecting systems, networks, programs, and electronic data from cyberattacks. Cyberattacks are unwelcome attempts aimed at accessing, changing, stealing, or destroying sensitive information.
Types of Cybersecurity Threats
The term “malware” is defined as malicious software, including spyware, ransomware, viruses, Trojans, and worms that provide unauthorized access or cause damage to a computer. These get installed into the system when the user clicks on a dangerous link or email. Once inside the system, malware can block access to critical components of the network, damage the system, gather confidential information, and more.
Ransomware is a type of malware attack in which the attacker locks down files, data, or systems, and threatens to erase, destroy, block, or publish the data unless a ransom is paid to the cybercriminals who initiated the attack.
In phishing scams, cybercriminals send malicious emails or text messages that appear to be from a legitimate company asking for sensitive information, such as credit card data or login information.
Insider threats in cybersecurity are threats posed by individuals from within an organization, such as current or former employees, business partners, contractors, or anyone who has had access to systems or networks in the past.
Distributed Denial-of-Service (DDoS)
A DDoS attack attempts to crash a server, website, or network by overloading it with massive traffic, usually from multiple coordinated systems. Cybercriminals can also use several infected devices to launch an attack on the target system.
Advanced Persistent Threats (APTs)
In an APT, an intruder or group of intruders infiltrate a system and remain undetected for an extended period of time.
Man-in-the-middle is an eavesdropping attack in which cybercriminals place themselves between two communicating parties and intercept and relay the messages between them in order to steal data.
A Structured Query Language (SQL) injection attack occurs when cybercriminals try to access the database by uploading malicious SQL scripts. Once these are uploaded, the cybercriminal can view, change, or delete data stored in the SQL database.
A Domain Name System (DNS) attack is one in which cybercriminals compromise a network’s DNS or take advantage of its inherent attributes to conduct a broader attack.
Sources of Cybersecurity Threats
Below are a few of the common sources of cyber threats. As cybercriminals become more sophisticated and technologically advanced, this list continues to grow.
Nation-state threats are cyberattacks by hostile countries against local companies and institutions, inflicting detrimental impact by interfering with communications, military activities, and everyday life.
These are hackers that strive to infiltrate systems or networks for financial gain. These groups use spyware, spam, phishing, and malware to perform online fraud, identity theft, and system extortion.
Hackers target organizations using a variety of attack techniques to breach defenses and exploit vulnerabilities in a computer system or network.
Terrorists conduct cyberattacks to destroy or exploit critical infrastructure to threaten national security, disrupt economies, and cause bodily harm to citizens.
These target individuals, organizations, or industries that don’t align with their political beliefs. They carry out cyberattacks in support of political causes versus financial gain.
Malicious insiders are threats posed by individuals from within an organization, such as current or former employees, business partners, contractors, or anyone who has had access to systems or networks in the past.
Corporate spies are cybercriminals who conduct industrial or business espionage to make a profit or disrupt a competitor’s business by attacking critical infrastructure, gaining access, or stealing trade secrets.
2021 Data Breaches
Data breaches can happen to anyone and to a company of any size. Below are just some of the biggest data breaches that happened in 2021. As these hackers get more sophisticated, the number of cyberattacks keeps growing and the attacks keep getting more severe.
Colonial Pipeline – suffered a cyberattack that disrupted fuel supplies all along the East Coast of the United States for several days.
Hospital – a facility in Florida reported that it couldn’t connect to the charting system that doctors use to look up patients’ medical histories. They soon realized that the charting software, which was maintained by an outside vendor, was infected with ransomware.
JBS Foods – one of the largest companies for meat processing in the world had a ransomware attack that resulted in the temporary closure of some of their operations.
Facebook, Instagram, and LinkedIn – had major ransomware attacks due to an unsecured database.
Volkswagen & Audi – encountered a data breach due to unsecured data.
Schreiber Foods – in Wisconsin, closed for days in October after cybercriminals compromised its plants and distribution centers.
Educational Facilities – had significant cyberattacks throughout 2021, and cyberattacks are continually rising in the educational industry. In March, the Buffalo Public School system was hit by a ransomware attack that led to shutting down the entire school system. A ransomware attack targeted Finalsite, a private company that provides web hosting and other communications services, and caused major disruptions in over 4,000 schools in 2021.
T-Mobile – encountered one of the largest telecommunications data breaches with a hacker stealing data from millions of T-Mobile customers.
Florida Water Utility – a hacker broke into a system at a water treatment facility in Oldsmar, Fla., and attempted to change the level of a chemical that is applied to water to control acidity.
These are just a few of the cyberattacks from 2021. Healthcare, Energy, Financial, Educational, Government: there is no industry that is safe from cybercriminals.
Critical Facility Maintenance Systems That Are Vulnerable to Cyberattacks
In today’s increasingly digital world, all organizations are at risk of cyberattacks. The more interconnected systems you have, the greater your cybersecurity risk. Below are a few of the systems that may help you run your organization and are highly susceptible to cyberattacks.
Building Management Systems (BMS) & Building Automation Systems (BAS)
Building management systems (BMS), synonymous with building automation systems (BAS), are computer-based systems that are used in a building to automate functions such as ventilation, lighting, power, and electrical equipment. These functions, interconnected over the network across facilities, are perfect targets for cybercriminals.
The advancement of technology has had a major impact on the improvements to maintenance operations. Smart thermostats, heating systems, cooling systems, and HVAC remote-monitoring solutions have increased efficiency and reduced energy consumption for business operations. With the increase of these devices also comes an increase in cybersecurity risk. Their direct access to the internet makes them major targets of cyberattacks, posing serious security threats to buildings using these devices. In larger corporations, cybercriminals’ manipulation of HVAC systems could give them access to private financial information and potentially let them retain critical data without authorization.
A security system is essential to ensure that unwanted intruders do not gain access to your facility. These are the very systems that are supposed to keep your business safe but are also putting you at risk of a cyberattack. These cybercriminals have gotten very sophisticated and can use wireless surveillance systems to monitor your building in real-time. They have the ability to disable smart locks and jam alarms to stop them from sounding, giving intruders easy access to your facility.
Fire Protection Systems
Companies depend on fire protection systems to quickly pinpoint the location of fires and turn on the necessary sprinklers, safeguarding people and their facilities. These networked fire protection systems are susceptible to cyberattacks. Cybercriminals can get into the systems and cause serious safety risks. They can disable alarm systems or set off alarms and/or sprinklers to disrupt business operations.
Elevators & Escalators
The benefits of having ‘smart’, or connected, elevators are endless, but with any device that has smart technologies or connects online, the risk of a cyberattack increases. While a cybersecurity attack is unlikely to compromise elevator safety, it is more likely to affect the availability of elevators. In elevators, hackers can also use their connectivity to access phones to listen in on conversations and/or talk to occupants.
Networked lighting systems controlled by smart technology have made it easier to turn lights on and off and keep your business lighted during operating hours, but this technology has also provided an open door for cybercriminals. With this technology, cybercriminals can send your business into darkness and attack adjoining endpoints.
Industrial Control Systems (ICS)
Some manufacturing facilities use an ICS to control and manage industrial processes such as manufacturing, product handling, production, and distribution. Because these systems are interconnected, they are more vulnerable to cyberattacks, which may disrupt production and the ability to collect information.
Cybersecurity Starts With You
Running a successful business takes a group of systems, applications, and a network. Many businesses also rely on independent service providers. You need to understand the potential risks that all of these pose and how you can ensure that your data is being protected.
Today it is very common for companies to use Software-as-a-Service (SaaS). These independent service providers are supplying critical applications via the internet. This puts your data at a higher risk for cybercriminals. Since these service providers are not part of your organization, you have no control over the way they manage or protect your data. But you do have a choice! With cyberattacks happening every day, it is important to evaluate the security protocols of these services to ensure they are following the correct practices to prevent cyberattacks and mitigate attacks that do occur.
How do you ensure that your data is protected? Along come the Security Scorecard companies. Some vendors are taking extra precautions to protect their data and clients’ data and investing in companies who continually monitor their third-party service providers’ security against all known risk factors. The platform continuously monitors all aspects of your network and your internet presence, giving you an outside-in look at security controls and effectiveness. They are continually monitoring your systems and providing their clients with a Security Scorecard using an easy-to-understand A-F rating across many different categories.
A Security Scorecard is one of the most important and valuable pieces of documentation in today’s world to determine the security effectiveness of your vendors. If a vendor can’t provide you with an authorized Security Scorecard, then you should definitely think twice about trusting them with your data. Having a Security Scorecard of 100% ensures that your vendors are following all industry standards to keep your data as safe as possible. Ask your vendors to provide you with a copy of their security scorecard so that you can determine if you want your data to be in their hands and maybe the hands of cybercriminals.
If you are lucky and find that SaaS vendor who maintains an A or 100% Security Scorecard Rating, by all means, that is the vendor that you want to go with. Consistency in maintaining high ratings in all categories means that this SaaS vendor is taking every precaution to ensure that your data is safe – one less thing you have to worry about.
How to Protect Your Organization Against Cyberattacks?
Understanding the extent of the damage that cyberattacks can cause should be a good reason to take action to help prevent these events from happening.
Just a few of the things that you should think about:
Secure Your Networks and Databases
- Set up firewalls and encrypt information
- Backup your data
- Secure sensitive data
- Make sure your Wi-Fi password is protected
- Only store information that is necessary in company databases
- Automatic backing up of company data
- Conduct regular audits
- Keep your software and systems up to date
- Ensure endpoint protection.
Educate Your Employees
- Educate employees on the importance of securing and protecting their information, colleagues, customers, and the company.
- Instruct employees not to install non-business software on company devices.
- Administrative access should be limited to a small number of users.
Educate Employees on Identifying Fake and Harmful Data
- Train your employees to be able to recognize fraudulent emails and fake messages.
- Implement a process to be followed should an employee’s computer become infected with a virus.
- Make sure to keep your security software up to date.
Cybersecurity and Maintenance Operations
Today organizations are streamlining processes and managing multiple systems while trying to minimize expenses. Organizations seeking to establish interoperability between internal apps and other data exchange tools are increasingly turning to application programming interfaces (APIs) to manage the flow of information between systems. An API allows users to fully leverage their maintenance operations systems (such as a CMMS) by integrating them with any hardware device or software application in the cloud.
Why do you need an API? What does an API have to do with cybersecurity?
Cyberattacks bring disruption to your business operations. Cybercriminals could leave your organization in total darkness. If you have areas that must be maintained at a specific temperature, for example, a cyberattack on your HVAC system could cost you an entire inventory. And the list goes on. You not only have to worry about the cyberattacks, but you also now have to worry about the safety of your employees, equipment, and products.
Using an API connected to a CMMS helps you manage the tasks of keeping employees safe and the process of deploying resources to resolve issues quickly.
There are two levels of API security: REST (Representational State Transfer) and SOAP (Simple Object Access Protocol).
REST APIs use HTTP as a standard, which provides you with additional data security by keeping an internet connection private and checking that the data sent between systems is encrypted and unmodified. For example, a hacker trying to capture your credit card information from a shopping website can neither read your data nor modify it. If a website is protected with this technology, the URL begins with “HTTPS” (Hypertext Transfer Protocol Secure).
SOAP APIs use built-in protocols called Web Services Security (WS-Security). These protocols have defined rules that are guided by confidentiality and authentication. They use a combination of verification tools to verify authentication and authorization. This type of API has a more comprehensive set of security measures. SOAP APIs are recommended for organizations handling highly sensitive data.
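The privacy and integrity described above come from the HTTPS (TLS) layer, so an integration has to refuse anything else. The following is an added example, not code from the article or from any CMMS vendor: a pre-flight check a client could run before calling a CMMS REST endpoint. The host name `cmms.example.com` and the function names are assumptions made for illustration.

```python
import ssl
from urllib.parse import urlsplit


def check_endpoint(url):
    """Return a list of problems with an API URL; an empty list means it is acceptable."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append("scheme is not https: data could be read or modified in transit")
    if not parts.hostname:
        problems.append("no hostname to verify the server certificate against")
    if parts.username or parts.password:
        problems.append("credentials embedded in the URL: they leak into logs and history")
    return problems


def strict_tls_context():
    """TLS settings for the client: certificate and hostname verification stay on."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname by default
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse obsolete protocol versions
    return ctx


if __name__ == "__main__":
    # Constructed sample endpoints (hypothetical host).
    for candidate in (
        "https://cmms.example.com/api/v1/workorders",
        "http://cmms.example.com/api/v1/workorders",
        "https://svc:secret@cmms.example.com/api/v1/assets",
    ):
        issues = check_endpoint(candidate)
        print(candidate, "->", "OK" if not issues else issues)
```

Pass the context from `strict_tls_context()` to the HTTP client that makes the call, and never switch off certificate verification to work around a certificate error.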
Using an API connected to a computerized maintenance management system (CMMS) provides your team with additional features that further help you manage through a cyberattack or business disruption.
Through your CMMS, you can set up alert notifications that can warn you in real-time of a critical event in your plant or buildings. You can set parameters, such as for your HVAC or lighting system, and if those parameters fall below the threshold, you can be notified in real-time or have the system generate a work order. CMMS software also provides you with the tools to help you maintain your maintenance operations and keep assets running more efficiently, minimizing downtime. Having the ability to set alerts to remind you of preventive maintenance scheduled tasks can save you a lot of time and have you more prepared for inspections.
With the automatic generation of work orders and notifications, you now can concentrate more on resolving the more serious cyberattacks.
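The threshold alerts described above can be sketched as follows. This is an added example, not eWorkOrders code or any vendor's API: the sensor names, ranges, and the "consecutive samples" debounce are assumptions, and the readings are constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    sensor: str
    low: float
    high: float
    consecutive: int  # out-of-range samples in a row required before acting
    action: str       # "notify" or "work_order"


# Hypothetical rules for a cold room and lobby lighting.
RULES = [
    Rule("cold_room_temp_c", 2.0, 8.0, 3, "work_order"),
    Rule("lobby_lux", 150.0, 2000.0, 2, "notify"),
]

# Constructed sample readings: (minute, sensor, value).
READINGS = [
    (0, "cold_room_temp_c", 4.1), (0, "lobby_lux", 400.0),
    (1, "cold_room_temp_c", 8.6), (1, "lobby_lux", 90.0),
    (2, "cold_room_temp_c", 9.4), (2, "lobby_lux", 420.0),
    (3, "cold_room_temp_c", 10.2), (3, "lobby_lux", 80.0),
    (4, "cold_room_temp_c", 11.0), (4, "lobby_lux", 60.0),
    (5, "cold_room_temp_c", 5.0), (5, "lobby_lux", 410.0),
    (6, "cold_room_temp_c", 9.0),
]


def evaluate(readings, rules):
    """Return one event per excursion: raised when the out-of-range streak
    reaches the rule's count, and not again until the value recovers."""
    by_sensor = {r.sensor: r for r in rules}
    streak = {}
    events = []
    for minute, sensor, value in readings:
        rule = by_sensor.get(sensor)
        if rule is None:
            continue  # no rule configured for this sensor
        if rule.low <= value <= rule.high:
            streak[sensor] = 0  # back in range: re-arm the alert
            continue
        streak[sensor] = streak.get(sensor, 0) + 1
        if streak[sensor] == rule.consecutive:
            events.append({"minute": minute, "sensor": sensor,
                           "value": value, "action": rule.action})
    return events


if __name__ == "__main__":
    for event in evaluate(READINGS, RULES):
        print(event)
```

The single dip in lobby lighting at minute 1 raises nothing, while the sustained excursions do, which keeps one noisy sample from flooding the maintenance queue.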
As digital technologies continue to increase daily, so do the risks of cyberattacks. With the advanced tools and the sophistication of cybercriminals, organizations need to take cybersecurity seriously. They need to put processes in place to manage not only the cyberattacks but also their maintenance operations to ensure the safety of their data and their employees.
No one wants to be “hacked,” but with the proper precautions, you can get through this.
Jeff Roscher is Co-Founder and President of eWorkOrders (Information Professionals, Inc). eWorkOrders is an industry leader in secured computerized maintenance management system (CMMS) software. Jeff can be reached at jeff@eWorkOrders.com.