Ransomware ICS

Ransomware attacks on industrial control systems 2021

Industrial control systems were “air-gapped” before the advent of the internet. This meant that nobody could disrupt the day-to-day operation. Modern industrial control systems (ICS), however, interface with a wide variety of devices and networks, which exposes them to several security vulnerabilities.

Does industrial control system security seem like a sleepy subject? This type of infrastructure is essential for keeping traffic lights working properly, water systems safe, and the lights on in hospitals, data centers, and office buildings. Literally.

25% of North American utility companies were affected by the SolarWinds attack. How can industrial control groups make sure they aren’t next in the news cycle as victims of an attack? Intruders can go unnoticed for long periods of time. It is important to have a strong cyber security posture and preventive measures.

Colonial Pipeline Co, a US-based fuel transportation company, was the victim of the most famous ICS attack. It occurred on May 6th. The attack was described by some as the “most disruptive hacker attack.” Security teams found that hackers gained access to systems using a stolen password. The password was discovered in a collection of leaked passwords from the dark web.

Ransomware threats to ICS are on the rise

The Cybersecurity and Infrastructure Security Agency (CISA) recently released a fact sheet highlighting ransomware threats in 2021 to industrial control systems and operational technology assets.

CISA states that “accessible OT assets can be attractive targets for malicious cyber actors, given the importance of critical infrastructure for national security and America’s way of living.”

CISA continues: these actors are “seeking disruption of critical infrastructure to make a profit or achieve other goals,” and recent cyber incidents have shown that intrusions into IT networks can affect critical operational processes, even if they don’t directly impact an OT network.

Check Point Software reported that US utility companies were the victims of 300 cyberattacks per week over a two-month period. Ransomware attacks can have serious real-world consequences that could be long-lasting.

How to protect your industrial control systems from ransomware attacks

Infrastructure groups can take proactive steps to prevent and brace for ransomware attacks. In a new fact sheet, CISA provides detailed guidance. The preparation phase is key:

  • Industrial groups need to assess their dependence on IT infrastructure.
  • Leaders need to develop resilience plans.
  • Every player should be able to implement an incident response plan.
  • Organizations need to have routine backup procedures in place for IT and OT networks.

This is only the tip of the iceberg. You must read the next section about mitigation.

Expert cyber security advice

  1. Segmentation of the OT/IT network is the first step to prevention. This will stop hackers from moving across a network.
  2. Threat prevention is key to avoiding zero-day exploit attacks. Virtual patching can protect devices against zero-day attacks, and your organization will always have access to top-level threat intelligence platforms.
  3. Threats can be stopped by implementing zero-trust security policies. It is important to know who has access to which systems and to what extent. A zero-trust policy that is customized and well implemented can immediately reduce risk.
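
An added example, not from CISA or from this article's author: one way to audit a firewall rule export against items 1 and 3 above. The zone address ranges, the rule names and the policy that IT and OT may only meet in a DMZ are assumptions constructed for illustration.

```python
import ipaddress

# Constructed zone map (assumption): address ranges are illustrative only.
ZONES = {
    "IT":  ipaddress.ip_network("10.10.0.0/16"),
    "DMZ": ipaddress.ip_network("10.20.0.0/24"),
    "OT":  ipaddress.ip_network("10.30.0.0/16"),
}
# Assumed policy: IT and OT never talk directly, they only meet in the DMZ.
ALLOWED_ZONE_PAIRS = {("IT", "DMZ"), ("DMZ", "OT"), ("OT", "DMZ")}

# Constructed rule export: (name, source CIDR, destination CIDR, port, action)
SAMPLE_RULES = [
    ("historian-replica", "10.30.5.10/32", "10.20.0.15/32", "443", "allow"),
    ("jump-host-to-hmi", "10.20.0.20/32", "10.30.8.0/24", "3389", "allow"),
    ("erp-to-plc", "10.10.4.7/32", "10.30.8.12/32", "502", "allow"),
    ("legacy-any", "0.0.0.0/0", "10.30.0.0/16", "any", "allow"),
    ("it-to-dmz-web", "10.10.0.0/16", "10.20.0.15/32", "443", "allow"),
]

def zones_touched(cidr):
    """Return every zone the CIDR overlaps; a wide CIDR can span several."""
    net = ipaddress.ip_network(cidr)
    zones = [name for name, zone in ZONES.items() if net.overlaps(zone)]
    # Anything not fully inside one known zone also covers unzoned addresses.
    if not any(net.subnet_of(zone) for zone in ZONES.values()):
        zones.append("UNZONED")
    return zones

def audit(rules):
    """Return (rule name, reason) for each allow rule that breaks the policy."""
    findings = []
    for name, src, dst, port, action in rules:
        if action != "allow":
            continue
        dst_zones = zones_touched(dst)
        for s in zones_touched(src):
            for d in dst_zones:
                if s != d and (s, d) not in ALLOWED_ZONE_PAIRS:
                    findings.append((name, f"{s}->{d} bypasses the DMZ"))
        # Least privilege: a rule into OT must name a specific port.
        if "OT" in dst_zones and port == "any":
            findings.append((name, "any-port access into OT"))
    return findings

if __name__ == "__main__":
    for name, reason in audit(SAMPLE_RULES):
        print(f"{name}: {reason}")
```
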
