Paper360 - November/December 2012 - (Page 28)

CYBER SECURITY TECHLINK Protecting Your Mill Against Cyber Threats It’s a mill manager’s nightmare: a cyber security breach that threatens the mill’s people, automation, data and operation PATRIK BOO P apermakers today have had to wake up to the many frightening repercussions of cyber threats. Malicious attacks, viruses like the Stuxnet worm, corporate espionage, unauthorized access, employee misuse, unsanctioned system modifications—an ever-widening range of hazards can put your mill at risk. And whether a cyber security incident is an attack or an accident, the impact can still be serious. There is one new vulnerability discovered every hour of every day. A cyber security problem can jeopardize people’s safety, destroy equipment, lose key information, hurt the environment, bring production to a standstill—and it can even put you out of business. At the minimum, a cyber incident can turn into a significant expense. According to a 2011 study by the Ponemon Institute, the average cost of a cyber security breach is $5.9 million. BOTH HACKERS AND EMPLOYEES CAN DO DAMAGE Cyber security issues that threaten businesses started to surface in the mid-1990s. In the paper industry, malware designed to harm an individual mill’s control systems began appearing in 2010—and mills were forced to begin considering the costs and hazards that a cyber attack would mean for them. When hackers target a mill, they may be motivated by anything from casual sabotage, to revenge, to cyber crime. One of the most disturbing aspects of cyber attacks is that individuals who have the intent to do harm but not the knowledge or resources, can now find code on the Internet that they can decompile and use to do real damage. The person who maliciously hacks into a company’s system doesn’t have to be an unknown; he or she might be a disgruntled former employee. One employee took being fired so calmly that his manager agreed he could go back to his cubicle and pack up his belongings. The employee returned to his desk and deleted the company’s most important databases, causing incalculable harm. Competition in the paper industry can be fierce, and an unscrupulous competitor with the right computer skills could cause enormous trouble. In mills, smooth running production and high product quality are crucial, and a ruthless competitor has the means to disrupt both. A hacker can gain unauthorized access to your system to gather intelligence, steal information, or even make production changes that are so subtle an operator may not catch them until it’s too late when the paper doesn’t meet customer specifications and has to be scrapped. Although hackers are synonymous with cyber security problems, they are behind only a quarter of all security breaches. Most often, the cyber problems businesses deal with are caused unintentionally by their own employees. Worker carelessness, accidentally-passed viruses and unauthorized access create the bulk of cyber security issues. An employee who, for example, uses the system to recharge a smart phone or a USB stick, can create havoc if the device contains a virus they didn’t know about. An operator who overrides their system access in the rush to correct a problem can trigger a cyber crisis. Figure 1. Components of cyber security. 28 Paper360º NOVEMBER/DECEMBER 2012

Table of Contents for the Digital Edition of Paper360 - November/December 2012

Over the Wire
Achieving Zero Landfill of Fiber
Creating a Monument to Safety
Keeping the Paper Flowing
Transforming an Industry
Supporting the Community
David Paterson Takes the Reins at Verso
New Tissue Fabric, Felt, and Roll Cover Technology
Protecting Your Mill Against Cyber Threats
Association News
TAPPISafe Takes a Page from Other Industries
Paper360° Online Exclusives

Paper360 - November/December 2012