Detecting Malware Before It Enters Critical Infrastructure Is Key to Protecting the Supply Chain

The transportation industry is essential to our daily lives, enabling the movement of goods such as food, fuel, and industrial components by land, sea, and air. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recognizes transportation’s significance as one of the 16 essential government sectors.

Disruption to transportation, whether caused by cyberattacks or compliance issues, has a dangerous knock-on effect. In a recent article, Cyberstalk noted that: “Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks.”

Between June of 2020 and June of 2021, the transportation industry witnessed a 186% increase in weekly ransomware attacks.

Cyberstalk

Why Transportation is Such an Easy Target

Transportation companies are vulnerable to file-borne malware because they transfer a massive amount of electronic documents—manifests, customs declarations, and freight invoices, among others. These documents are crucial for tracking the movement of goods through the supply chain and ensuring that shipments arrive at their intended destination on time and in good condition.

This makes the industry, as a whole, a prime target for bad actors. Discover how a leading provider of management software for end-to-end transportation and logistics protects their customers’ supply chains from cyberthreats.

Under Attack

Their Platform Director of the aforementioned provider discussed the frequent cyberattacks his organization faces. “We have a web-based application that’s publicly available,” he began, “we’re open to constant attacks as soon as we’re on the internet. Our customers are using our application for their core business. If we are under attack, their core business, of course, is also under attack.”

Their top priority is to protect their business operations and customers because many of their clients, such as major pharmaceutical and automotive companies, depend on their system to be completely free of malware.

The company uses a variety of security measures, including firewalls and web application firewalls, to protect its system. The Platform Director and his team also conduct weekly penetration tests to check that their system is completely secure.

To ensure best practices are followed, the company is ISO 27001 certified. This certification demonstrates that they adhere to data protection regulations and security guidelines. Customers can therefore be confident that their information is fully protected within the company's system.

The global logistics software company's Platform Director and team identified a file-upload vulnerability in their system through internal and customer penetration tests. Due to the potential impact on their reputation, they promptly addressed this security gap by adopting OPSWAT's solutions.

Complete Network Security

As the Platform Director explained, one of the greatest challenges to the company is preventing their platform from hosting or distributing malicious files. “A carrier or another anonymous user could upload a potentially malicious document to our system, and the receiving company may download that malicious file to their system. This was a blind spot prior to deploying OPSWAT to secure the platform. We have now eliminated this blind spot and the threats to our customers and to us as a company.”

OPSWAT offers a full suite of cybersecurity solutions to guard systems against malware threats. This leading global logistics software company based in Europe is presently deploying OPSWAT’s MetaDefender ICAP Server to prevent and detect file-borne threats. Having this solution in place allows them to:

• Integrate with F5 web application firewall and load balancer.
• Meet and maintain ISO 27001 compliance.
• Prevent zero-day attacks and evasive malware.
• Detect vulnerable software before installation.
• Analyze threat intelligence from multiple sources in real-time.
• Provide the highest threat detection with multiscanning.
• Detect sensitive data in files and emails.
• Deploy in the cloud or in local environments.

Protecting Their Achilles Heel

While it's undeniable that every business, regardless of its size, must prioritize security, the Platform Director notes that smaller companies often overlook the importance of securing against file-borne threats.

“Smaller organizations may not have all these protections in place, because (A) they think cannot afford it, or (B) they may not think it is important. However, they may potentially use our system and unknowingly attempt to upload data to the system which contains malicious files.”

He explained that traditional security practices aren’t enough to protect against threats hidden in content traveling through their network, “…the legacy security standard is local firewalls, malware protection, things along those lines. We have limited visibility into who is using our platform and where the documents come from that they upload to our system. OPSWAT was a game-changer. Before OPSWAT came into the picture, this was more or less a complete blank space for us. You would have been able to upload whatever documents to our system, and customers, in a worst-case scenario, could potentially be exposed to any malicious content embedded in that document.”

With OPSWAT, we’re protected against this because you cannot upload malware into our system.

The Platform Director

Easy and Efficient Deployment with MetaDefender ICAP Server

What he and his team really liked about the OPSWAT platform was how easy it was to deploy. “We paired the MetaDefender ICAP Server with our F5 web application firewall and load balancer,” he said. “We were able to deploy and began to scan all file uploads into our application in a couple of days. It was really easy, straightforward, and we plugged a huge hole that had been in the application for some time.”

There was also significant cost savings in development time. The ICAP protocol was designed specifically to easily offload files for scanning by an external server. “If we had developed the solution ourselves it would have taken a long time,” he said. “It didn’t take any development resources; we were able to deal with it without any changes to our application infrastructure.”

Adopting a “Shields Up” Strategy

As the head of cybersecurity, the Platform Director provided several recommendations that businesses of any size should follow to safeguard their critical infrastructure against cyberattacks.

Consider Yourself a Target

Businesses should consider themselves a potential target of cyberattacks and avoid underestimating the severity of the threat. They must review and assess their existing data security measures. Investing in appropriate technology to strengthen cybersecurity is necessary, as the potential loss of revenue and reputational damage could be catastrophic and may even make recovery impossible for some businesses.

Firewalls are Not Enough

It only takes one misstep (usually unintentionally by an employee) to allow a device or system to be compromised. This is why enterprises need to develop a layered approach to data security that includes solutions that prevent malware-infected files from being ingested into your system.

Training is Key

Upgrading physical infrastructure—software, devices, servers—is part of the solution, but upskilling your workforce on how to use the technology at their fingertips to detect potential threats before they become real issues is equally important. The OPSWAT Academy addresses the CIP cybersecurity skills shortage through courses that promote the best practices and practical approaches successfully implemented in the most secure critical infrastructure environments.

Test your System Constantly

Despite having numerous processes in place to keep their systems running securely, the company conducts weekly penetration tests to make sure things are secure and stay secure. And they encourage their customers to test their systems and share their findings regularly.

Compliance is Key

Compliance with ISO 27001 is certified by external auditors to ensure enterprises like this leading global logistics software company have the right security processes and data protection regulations in place so they can reassure their customers that their information is 100% secure within their system. OPSWAT is compliant with ISO 27001 and other certification standards.

It’s All About Resiliency

In summarizing the importance of protecting the supply chain, the Platform Director said, “It’s all about stability and resilience. In the end, the supply chain just has to work. If we have interruptions, and if our systems go down, or even worse, if our systems would be corrupted .... It’s important that our system is up and running, stable, and the supply chain is really resilient.”

This is why he advises developing a layered approach to data security. “There are multiple layers in today’s world” he said. “It’s firewalls, it’s malware protection, it’s training for your employees, it’s all of these different layers of protections that you need to have….and only if you have paired them all together are you able to develop and deliver a secure system.”

To see how OPSWAT’s innovative solutions can keep your critical infrastructure safe talk to an expert today.

Talk to an Expert