Skip to main content

The rise of industrial ransomware

Ransomware attacks are on the increase on critical industrial control systems (ICS) and other types of operational technology (OT). Analysis by cybersecurity researchers at security company Dragos, the amount of publicly recorded ransomware attacks against operational technology vertical manufacturing has tripled within the last year alone.

Cyber criminals are deploying ransomware by targeting end-users using spear-phishing or by exploiting third-party software vulnerabilities and enterprise network equipment. Because it’s often the quickest and simplest way to create money from compromising a large network, hackers will often also be able to access intellectual property and sensitive data that also resides within the network.

PwC cybersecurity leader Pat Moran said the impact of ransomware attacks on technology systems can extend far beyond financial loss. “It can result in supply-chain issues and even physical danger,” he said.

“Adopting defence-in-depth security strategies and having effective preventative, detective and corrective controls in place is critical for reducing risk.”

Why operational technology (OT) systems have become a prime target?

Operational technology (OT) is used in a variety of industries including manufacturing, oil and gas, supply chain, aviation, maritime, transport, and utilities. Many industrial organizations are involved in critical nation’s infrastructure, meaning that compromise can lead to broader consequences for a nation’s economy and society. 

For cyber criminals, operational technology is a combination of the critical nature especially manufacturing plants- the security vulnerabilities mean hackers are eyeing up easy paydays because in many cases the industrial operations that can’t afford to be out of action for a long period of time, so they could be more likely to give in to the demands of the attackers and pay hundreds of thousands of dollars getting the network back. 

How to reduce the risk of ransomware

Performing security risk assessment from time to time on key control systems is essential to identify and remediate any software security issues. Regularly conduct architecture security reviews to identify all assets, connections, and communications between IT and OT networks. 

Implement fully integrated SoC to monitor assets and network using outbound network connections from OT networks to detect any malicious threat behaviours. 

Engage cyber security consultants to perform Ransomware assessments on regular basis and to build solid cyber security governance and remediation strategies.  

With the Covid-19 pandemic forcing many processes to go remote, it’s extremely important that companies secure any remote access to industrial systems to reduce the risk of cyberattacks.

Cyber security is what we do

Rabbon is a Cybersecurity company based with offices in Sydney and Melbourne. We lead a team of Cyber security Consultants and GRC Consultants, who help organisations become cyber resilient by providing access to effective and affordable cybersecurity services. We believe that “Cybersecurity is for everyone

You can contact our Cyber Security Consultants for an obligation free consultation.

Phone : +61 2 80513207

Email: [email protected]

Leave a Reply