The world's most capable, rugged and secure
industrial control system...
Introducing Bedrock OSA® Remote
- Intrinsically-secure PLC and RTU control
- 10 or 20 channels of universal I/O
- Free IEC 61131-3 engineering software
- -40ºC to +80ºC temperature range
- Rugged, all-metal case 5.4 in x 8.9 in x 2.3 in
CISA Issues New Ransomware Guide
October 6, 2020 | Sam Galpin
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Ransomware Guide. The first part of the Guide focuses on preventing ransomware attacks; the second part is a checklist for what to do if you should get hit. This is important information at a time when ransomware perpetrators are beginning to target industrial operations.
Most cybercrime is money-driven. Ransomware enables criminals to monetize cyberattacks on targets previously of little interest. Ransomware started as a mass distribution “spray and pray” drive-by attack with minimal attention to targeting. The ransom amounts requested were typically small. In recent months, however, more sophisticated attackers have found they could reap much larger ransoms collected by targeting their attacks.
The ideal target has three characteristics: a strong incentive to restore operations quickly, the ability to pay, and weak defenses. Thus far, ransomware attacks on industrial systems have been rare, probably because other targets like municipal government agencies are less well-defended. There is, however, no question that industrial systems are potentially lucrative targets, and recent attacks such as EKANS and spearfishing attacks that shut down a pipeline are already exploiting that opportunity.
In the near term, the attacks will likely focus on targets the attackers are familiar with like Windows HMI stations and supporting services, which can force shutdowns and/or disrupt operations. As the attackers learn more about industrial systems and how to manipulate processes, they can move toward extortion.