The world's most capable, rugged and secure
industrial control system...
Introducing Bedrock OSA® Remote
- Intrinsically-secure PLC and RTU control
- 10 or 20 channels of universal I/O
- Free IEC 61131-3 engineering software
- -40ºC to +80ºC temperature range
- Rugged, all-metal case 5.4 in x 8.9 in x 2.3 in
CISA Issues New Ransomware Guide
October 6, 2020
Sam Galpin, Bedrock Automation Fellow
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Ransomware Guide. The first part of the Guide focuses on preventing ransomware attacks; the second part is a checklist for what to do if you should get hit. This is important information at a time when ransomware perpetrators are beginning to target industrial operations.
Most cybercrime is money-driven. Ransomware enables criminals to monetize cyberattacks on targets previously of little interest. Ransomware started as a mass distribution “spray and pray” drive-by attack with minimal attention to targeting. The ransom amounts requested were typically small. In recent months, however, more sophisticated attackers have found they could reap much larger ransoms collected by targeting their attacks.
The ideal target has three characteristics: a strong incentive to restore operations quickly, the ability to pay, and weak defenses. Thus far, ransomware attacks on industrial systems have been rare, probably because other targets like municipal government agencies are less well-defended. There is, however, no question that industrial systems are potentially lucrative targets, and recent attacks such as EKANS and spearfishing attacks that shut down a pipeline are already exploiting that opportunity.
In the near term, the attacks will likely focus on targets the attackers are familiar with like Windows HMI stations and supporting services, which can force shutdowns and/or disrupt operations. As the attackers learn more about industrial systems and how to manipulate processes, they can move toward extortion.
September 28, 2020
“Government intelligence confirms the water and wastewater sector is under a direct threat as part of a foreign government’s multistage […]
August 27, 2020
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have urged critical infrastructure facilities to take […]
August 27, 2020
A second bit of ransomware code designed to target industrial control systems has emerged. Similar to the Megacortex malware that […]