Editor’s Corner—AT&T customer AW North Carolina shows how cyberattacks can affect uptime, business operations

Cybersecurity
Working with AT&T, AW North Carolina has 24x7 security protection, enabling it to focus on its own business.
Sean Buckley, FierceTelecom

For AW North Carolina, a manufacturer of automatic transmissions, any network downtime means a loss of production time and potential lost revenue.

During the company's evaluation of new internet service providers, it suffered a wide-scale ransomware cyberattack. This attack harmed day-to-day operations, including halting production.

“In the middle of cutting over its internet service to AT&T, we ran into ransomware attacks,” said John Peterson, general manager of Information Technology, AW North Carolina, in interview with Fierce Telecom. “When those happened it really went out and severely impacted our business by jamming up the number of calls it was making to our servers in such a way they became unresponsive.”

But the company found its savior in AT&T, which fixed the issue in two days. AT&T was an obvious good partner as AW North Carolina already used the service provider for its wireless service and was talking to them about network security.

Through its Cybersecurity Consulting Division, AT&T deployed an Incident Response and Forensics team who identified and eradicated the ransomware in AW North Carolina's servers. After resolving the security issue, AT&T supplied the company with a host of services, including web content filtering, e-mail filtering, and mobility extension.

“They helped us identify the issue, resolve that issue and put in preventative measures from having that happen again,” Peterson said. “We’re sitting at seven months right now since we had a significant issue.”

Reducing network downtime
By working with AT&T, AW North Carolina has 24x7 security protection, enabling it to focus on its own business.

Because AT&T has a global reach, the service provider can push out a fix to serve any customer location, something that would be a challenge for a company like AW North Carolina to address on its own. 

“I would have to have people on staff 24X7 doing nothing but looking for these things and a whole staff behind them,” Peterson said. “AT&T sees these things happening all over the world and can proactively get these things in place so they’re not impacting us.”

Like other global businesses, AW North Carolina is a mobile company. This means that its employees use various mobile devices, a phenomenon that also raises security threats.

Sales and management teams spend a lot of time traveling in the U.S., Canada, Mexico and Japan where it has other sites. AT&T currently manages over 450 mobile devices for AW, including a mix of phones and laptops.

AT&T has equipped AW North Carolina with its Enterprise Mobility Management service, which manages mobile devices and endpoints to help reduce security risks. Any employee has virtually seamless access to their apps without interruptions.

Additionally, the service provider equipped the company with its a VPN service, providing a private and highly secure network connection for AW North Carolina that allows employees to securely transmit data between various locations.

A proactive partnership approach
Being able to avoid security issues means the company can maintain uptime and keep customer orders flowing on time. AW North Carolina runs 24 hours a day and ships six times a day and had never missed a customer shipment.

When it started suffering a cyberattack, AW North Carolina had to turn to more manual processes to keep customer orders flowing.  AT&T was able to respond in 24 hours and have the manufacturer back up and running in 48 hours.

“They were able to help us survive through that,” Peterson said. “The revenue impact is significant, for literally every hour of outage is a revenue hit for us and fortunately we were able to get through that cycle without that happening.”

What’s also important for AW North Carolina and others is that AT&T can proactively monitor and isolate issues as not only a service provider, but as a partner.

“What I said to AT&T when we signed on with them is these are commodity products and I am buying the service,” Peterson said.

Todd Waskelis, VP of AT&T Security Consulting, agreed, adding that larger businesses can help educate the broader security community on issues and best practices.

“As we move towards zero data attacks and bad actors using cutting edge technology it has to be large organizations sharing that data,” Waskelis said. “We have seen that in things like the multi-state stack and entities working on sharing that information so they can tell their partners about it and get the indicators out there.”

AW North Carolina’s experience shows how detrimental cyberattacks can be on large businesses. According to AT&T research conducted last October, 90% of companies experienced a preventable cyberattack.

What this all points to is that businesses not only need a strategy, but a partner that can help guide processes and proactively isolate issues before they have an impact.--Sean @FierceTelecom