Don’t Cry. It may not be too late to safeguard packaging data

When this column suggested in February that packaging operations were vulnerable to crippling ransomware attacks, the massive international WannaCry (AKA WannaCrypt) malware attack that infected more than 200,000 computers around the world in a matter of hours hadn’t happened yet.

It has now (pwgo.to/2891). And the attack raises several questions:

• Who is doing it? Russian gangsters? North Korean State agents? Mischievous East European cyber-savants? Lots of suspicions; little solid evidence. No culprits in hand—or expected to be caught—as this column goes to press.

• Is it over? Probably not. Some cyber security consultants believe the May 12 WannaCry malware attack was just the first wave of such attacks. Nor is WannaCry the only malware we know about that’s compromising computer connectivity around the world. Another one called Adylkuzz is a virus—by some accounts larger and more pernicious than WannaCry—that leverages unsuspecting systems to mine crypto currency. (Not exactly sure what that is, but it’s not good). Adylkuzz leaves victimized computers running a little sluggishly, making it virtually undetectable.

• Are packaging/processing ops primary malware targets? Again, probably not. Packaging and processing ops are hardly cash cows. Packaging remains a “silent (and largely unseen) servant” to those not professionally engaged in it so neither would appear to be first choice targets of hackers. (We are presuming that the hacks are not being perpetrated by anyone in the professional community of packagers or processors.)

Still, ever-expanding supply chains; sales increasingly shifting from traditional grocery and drugstores to e-commerce; computer-enabled, Cloud-linked production lines; and advanced packaging technologies that transform mute snack pouches into miniature entertainment outlets like the limited edition “Guardians of the Galaxy” Doritos bags (see photo) make heightened vigilance an operational imperative for packaging and processing professionals.

• What can we do to safeguard our packaging data? To prevent or respond to a ransomware attack, cyber-security experts urge IT and operations leaders to collaborate cooperatively to:

• Install network security patches as soon as they’re available and vetted.

• Back up data to the Cloud. Daily or more frequent data dumps to off-line, unplugged computers are also recommended.

• Disinfect hard drives and install files you sequestered to off-line, unplugged computers.

• Think before opening email attachments.

• Don’t pay ransoms.

It is also good advice (and company policy at a lot of firms) not to mix business and personal interests on a single computer.

Packaging professionals wanting to “enable safe and secure third-party remote access to improve CPG equipment performance and uptime” are addressing some of the security issues of greatest concern to their operational efficiency in the Cyber Security Workgroup formed last year by the PMMI’s OpX Leadership network. (www.opxleadershipnetwork.org)

The deliberations of the Cyber Security Workgroup—and the possibility that they will develop universal guidelines for assuring secure vendor access to their networks—comes just as a handful of PACK EXPO Las Vegas exhibitors readies their remote access technologies for demo at the show (search keyword “remote access” on www.packexpolasvegas.com).

These are Internet-enabled/Internet challenged times for packaging and processing professionals. It is getting late. But it may not be too late to safeguard your packaging data to secure their operations as well as their packages.

Ben Miyares, Packaging Sherpa, is a packaging market and technology analyst and is president of The Packaging Management Institute, Inc. He can be reached at bmiyares@packmgmt.org.

More in Home