Home Daily Brief Ransomware Has A New And Very Valuable Hostage In Sight

Ransomware Has A New And Very Valuable Hostage In Sight

Ransomware Has A New And Very Valuable Hostage In Sight
0

Cybercriminals have figured out that fencing stolen data is a lot more work than just holding it hostage. It also doesn’t pay as well. Ransomware is a rapidly growing cyber threat, and attacks overall were up 25% in Q1.

Ransomware continues to proliferate as an effective cybersecurity threat because it works. It gets hackers paid.

Get started on your cybersecurity degree at American Military University.

The average ransomware payment is up 33% from Q4 of 2019 to $111,605. But the real cost is the impact on business, such as lost revenue or employee productivity or the impact to public services. The average business downtime due to a ransomware attack is 15 days.

The city of Florence, Alabama, was hit on June 5th with a ransomware attack and hackers demanded $300,000, which city officials said they’d likely pay to keep their citizens information off the internet.

A month ago, ransomware hackers got into a New York City law firm and were demanding $42 million, or they’d release information about America’s president.

And just last week Honda was hit by a cybersecurity incident that looks like a ransomware attack and one that has impacted their production facilities. Stealing a bunch of data is one thing, but shutting an organization or its production systems down is another. Holding manufacturing and industrial systems hostage is a growing cyber threat, one that is sure to get hackers, boardroom and CEO attention for one important reason…it hurts fast.

Galina Antova, a co-founder of Claroty, a cybersecurity firm focused on protecting industrial networks, describes it by saying, “This is where many businesses make their money.” A recent Claroty survey of 1,000 IT security professionals indicated that an attack on critical infrastructure is potentially much more damaging than an enterprise data breach. Almost 76% of the survey respondents reported that a critical infrastructure breach would inflict more damage.

Holding production hostage or negatively impacting an expanding range of industrial processes that are now connecting to the network works because it hits hard and fast, and it can catastrophically disrupt a business, or organization potentially stopping it from functioning.  These attacks can frequently target and attack public sector entities and their services as well.

The networking of operational technology is ramping up in many industries and companies, and as it does, so will the attention that cyber hackers give it as a source of opportunity.

The Claroty survey also indicates that U.S. companies lag when compared to other non-U.S. countries in how secure their industrial networks are, with 51% of U.S. firms indicating that their industrial networks need more protection. Hackers find and hack weakness, and the U.S. lags the world in public and private sector maturity all but guaranteeing that U.S. companies and organizations will continue to be the preferred target of hackers.

Developments in networked connectivity, including 5G, are pushing connectivity deeper into organizations as they connect an expanding group of industrial systems. The real-time criticality of industrial operations makes them a very valuable target for hackers.

This new hostage will change the ransom game because it changes the risk game through real-time disruption and what it puts at risk. It also introduces some frightening new risks if industrial processes involve hazardous or volatile environments or materials.

Hackers are productive with their time, and they attack where there’s opportunity and money. The advancement of highly connected operational technology environments offers them a rich and relatively easy target environment.

Galina has several recommendations for businesses addressing this expanding risk landscape. First, don’t have a separate cybersecurity function for operational technology and industrial networks.  Integrate this capability within the organization’s core cybersecurity function.

Second, understand what’s at stake and what’s at risk from a leadership perspective with operational technology. The operational threats are unique, as are their risks. They need a contextual understanding of how these systems are creating value and what the risks are to that value and beyond.

Ransomware will continue to expand as an effective cyber-attack tactic. Operational systems are an attractive hostage for cyber adversaries regardless of their motivations in both the public and private sectors.

In the words of the FBI’s former lead international kidnapping investigator, Christopher Voss, “Hostage negotiation is often nothing more than a business transaction.”

The hackers have learned this lesson, business and public leaders have work to do.

 

This article was written by Bob Zukis from Forbes and was legally licensed through the NewsCred publisher network. Please direct all licensing questions to legal@newscred.com.

Comments

comments

tags: