Best Practices for Protecting SCADA and HMI Systems from Ransomware Attacks

Posted: September 15, 2020

Ransomware has reached Industrial automation. With companies such as Renault and Toyota taking hits from past malware like the WannaCry ransomware worm (also called WannCrypt and Wanna Decryptor), it's become clearer than ever that companies should have a protocol in place for safeguarding systems. There should also be schedules for frequent updates to software, which ensures that patches are always in place.

Everyone is Responsible for Cybersecurity

The best way to avoid ransomware is to practice good cybersecurity habits and enforce them. This means gaps and firewalls between control and IT networks, good company policy that prevents operators from clicking suspect links or visiting dangerous websites on company machines. It means protecting the system from personal mobile devices and ensuring that patches and software updates are installed regularly.

However, in the event that you are breached with ransomware, frequent backups may help provide a contingency plan. Backups that can be uploaded automatically to the cloud will help prevent ransomware from infecting local shared network drives. Any hard drives or computers used for backups should be connected only when backing up information and then disconnected when it is complete. Multiple forms of backups will help ensure that reports, records, recipes, and other process data are available in the event that operators are locked out of the system.

Cybersecurity in AVEVA Edge

AVEVA Edge offers multiple ways to ensure you can still access your process with thin clients. The Secure Viewer Thin Client might prove a good solution for safely accessing your SCADA or HMI on a ‘clean’ machine. Using the Studio Mobile Access client would also allow operators to access machines via web browsers that support HTML5.

If an infection occurs, it’s also important to have protocols in place that will allow you to disconnect infected computers to prevent the infection from spreading to the entire network.

For more information on protecting your AVEVA systems, download the Industrial Cybersecurity infographic.