Attacks and Vulnerabilities
Malware, Phishing & Ransomware
News
Vendors

OTORIO warns of more industrial ransomware attacks in 2021

December 14, 2020
OTORIO collaborates

Industrial cybersecurity company OTORIO released its list of industrial cybersecurity predictions for 2021, against the backdrop of an increase in COVID-19 accelerated ransomware attacks targeting industrial companies. Hackers took advantage of the shift to opening the shop floor to remote connections, leading to a surge in industrial ransomware attacks from less than five successful attacks per month in the first quarter of this year, to over 20 successful attacks per month from May onwards.

Cybercriminals are known to exploit large-scale disasters that influence online behavior trends, OTORIO said. While some of these risks existed in the pre-COVID era, they were amplified dramatically, as remote connections became rapidly adopted by many businesses worldwide.

The year ahead is likely to witness a rise in industrial cybercrime, targeting industrial companies and impacting revenue-generating operations. Ransomware surged 40 percent in 2020 as cyber attackers realize that the industrial sector is willing to pay six digit figures in order to resume revenue generating operations, and this trend is only expected to continue rising, OTORIO said.

Remote access to production floors has become a primary threat with attackers going for the weak link – outside of the OT network. Supply chain vendors often have unrestricted access to the production floor, giving attackers an easy way to laterally target industrial networks. OTORIO also expects ransomware to have more impact on production and revenues, with the average ransomware payout rising to over US$1 million. Shutting down an OT production floor can cease revenue generating activities, it added.

C-level management are becoming more involved in OT cybersecurity reflecting a trend of holding CEOs personally responsible for cyberattacks. OTORIO expects that in 2021, C-level management will be spending more time on industrial cybersecurity than they did in the past. Proactive risk avoidance is set to replace threat detection as the era of post-breach detection strategy has passed, and proactive risk avoidance is the new OT paradigm.

The geographical spread has left no populated continent safe. “We’ve seen attacks in 31 countries located in Africa, Asia, Europe, Oceania, South and North America,” OTORIO said. Close to 55 percent of attack victims were North American- based companies, over 20 percent were European-based companies and more than 15 percent were Asian-based vendors, it added.

Headquartered in Tel Aviv, OTORIO predicts that in 2021 the number of industrial ransomware attacks will be rising fast, and with it the average payout. An easy way to attack any company is through remote access. Instead of attacking a company directly, attackers hone in on a supply chain vendor who has remote access to the targeted company, OTORIO identified. Remote access tools are known to have vulnerabilities – often granting automatic over-reaching privileges by default when adding a new user.

When ransomware hits an industrial company, it may force a complete production shutdown, flattening important revenue-generating activities. OTORIO predicts that in 2021, there will be a significant increase in the number of companies affected by ransomware. Instead of merely settling for data theft, cybercriminals will increase their attempts to disrupt production by preying on production floors and backup systems.

Geopolitics will also play a bigger role in industrial cyberattacks. Operators of critical infrastructure including water, transportation, electricity, and oil and gas, will have to pay attention to the fact that they are on the front lines for adversary nation-states attacks. OTORIO recommends early preparation and taking proactive measures through penetration tests, incident response drills, and even increased intelligence and detection.

Earlier this week, OTORIO and Accenture Labs collaborated on research that aims at mitigating the impact of cyberattacks on manufacturing and industrial infrastructures by leveraging knowledge and experience in cyber digital twins and OT cybersecurity.

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
Radiflow helps customers achieve NIS2 compliance, spurring growth in Europe
Radiflow, Exclusive Networks partner to elevate OT cybersecurity
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
CISA, FBI, Europol, and NCSC-NL issue joint cybersecurity advisory on Akira ransomware threats
CISA, FBI, Europol, and NCSC-NL issue joint cybersecurity advisory on Akira ransomware threats
Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Armis
Armis acquires Silk Security for $150 million to enhance AI-driven cybersecurity capabilities
Nozomi discovers five vulnerabilities in AMI MegaRAC SP-X BMC, exposing OT, IOT devices to RCE attacks
Nozomi secures US$1.25 million US Air Force contract to boost DoD critical infrastructure security
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape