Ransomware sets its sights on IOT/OT
Operational technologies may enhance efficiencies, but the downside of increasing IOT deployments in field networks is that OT/IOT are increasingly at risk of ransomware and other cyber attacks.
This is according to Tumi Masobe, Business Development Manager at Nozomi Networks distributor Axiz, who says ransomware attacks can not only cost companies money and lose business, they can also put human lives at risk in the OT/IOT environment.
“IOT is generally insecure by design, and OT field networks are often more vulnerable than IT networks,” he says. “Attackers able to gain access to these networks and IOT devices could cause severe damage, for example, by impacting a vehicle assembly line or food manufacturing plant, which then would result in products not aligning with safety standards and having to be recalled. Tampering with sensors in water, power, mining, pharmaceutical or health infrastructure could literally put human lives at risk.”
Gartner predicts that by 2025, threat actors will have weaponised operational technology environments successfully enough to cause human casualties.
The Nozomi Networks Labs OT/IoT Security Report for 2021 notes that ransomware attacks have been increasing in frequency and impact over the past several years, with attacks on industrial organisations rising 500% between 2018 and 2020, and another 116% increase between January and May of 2021. High-profile examples of these included the ransomware attack on Colonial Pipeline in the US, which caused a six-day period of gas shortages, and an attack on JBS Foods, a major multinational meat processing company. While neither of these attacks was executed against operational systems, each resulted in disruptions to those systems, the report said, illustrating the potential impacts should OT systems be targeted directly.
The report said an assessment of vulnerabilities in industrial control systems as published by ICS-CERT found that vulnerabilities increased 44% in the first half of 2021 compared to the second half of 2020, with critical manufacturing, the ‘multiple industries’ grouping, and energy the industries most affected.
Masobe says a zero trust model, a post breach mindset and specialised OT network monitoring are necessary to mitigate the risks of ransomware. “Nozomi Networks, specialist in OT and IOT security and visibility, offer unmatched awareness of all OT and IOT assets and behaviour. Visibility and alerts of anomalous behaviour not only reduce the risk of ransomware and malware impacts, they also support preventative maintenance to enhance overall operational resilience,” he notes.