INEOS is mounting its own offensive to tackle the growing rise in attacks on IT systems around the world.
INEOS is mounting its own offensive to tackle the growing rise in attacks on IT systems around the world.
Staff have been issued with 10 golden IT security rules.
INEOS Chairman Jim Ratcliffe is backing a campaign to remind employees never to open suspicious emails or attachments.
“Just one careless click of a mouse could have devastating consequences,” said Barry Pedley, Group IT Director who is in the front line trying to stop them infecting company servers.
INEOS has been aware of the growing problem for years. Every month the company receives more than 25 million emails.
“About 80% of those are blocked because they contain SPAM, virus, malware or malicious links,” said Barry. “But we cannot block 100% so it is vital that our staff are alert and do not click on anything unusual or suspicious.”
INEOS has also witnessed an increase in ‘man in the middle’ email attacks where people try to intercept legitimate mail between INEOS and another company and then make changes to bank details to obtain fraudulent payments.
“We have not yet suffered a financial loss, but we have come close,” said Barry.
The WannaCry ransomware cyber attack last year was one of the most crippling in history. Within a day it is believed to have affected 230,000 computers in 150 countries.
“I am aware of several businesses that even today, are still cleaning their systems and have not fully recovered from the attack,” he said.
In 2014 a blast furnace at a German steel mill had to be shut down after cyber-attackers stole staff logins and gained access to the mill’s control systems.
INEOS, which has been tightening the security of its IT systems as the business has grown, knows it could be a target.
“It’s not a case of if we are attacked, but when,” said Barry.
A few years ago, the company website was hacked.
“There was nothing specifically malicious against us,” said Barry. “It was a case of the website being used as a relay to send spam. But we now run penetration tests against the website to ensure the security is effective.”
INEOS has completed the roll-out of a new email system throughout the group.
“For us, this is now a good time to remind people about the importance of the security rules and keeping the people and IT systems at INEOS safe,” said Barry.
Chairman’s note to all INEOS employees
Our IT systems are under constant attack. Unfortunately, this has become a feature of the modern world. The problem only gets worse as the attacks become more sophisticated.
Earlier this year we issued 10 golden IT security rules and instructed everyone to follow these rules without exception.
It is essential that users of the INEOS IT system behave responsibly and don’t open suspicious emails. Certainly never open suspicious attachments and never enter credentials into an attachment.
If an email is at all suspicious then delete it.
There is no downside in doing this. Just delete it.
We cannot accept people opening suspicious emails and attachments. This threatens the integrity of our systems and harms INEOS.
If in doubt throw it out!
Jim