A new report highlights the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. “Industrial Control Systems are incredibly challenging to secure, leaving plenty of gaps in protection that threat actors are exploiting with growing determination,” Ryan Flores, senior manager of threat research for Trend Micro, said. “Given the US government is now treating ransomware attacks with the same gravity as terrorism, we hope the latest research will help industrial plant owners to prioritise and refocus their security efforts.”
Industrial Control Systems (ICS) are a crucial element of utility plants, factories and other facilities, where they are used to monitor and control industrial processes across information technology (IT) and occupational therapy (OT) networks. If ransomware finds its way onto these systems, it could knock out operations for days and increase the risk of designs, programs, and other sensitive documents finding their way onto the dark web.
The report highlighted how threat actors are infecting ICS endpoints to mine for cryptocurrency using unpatched operating systems which are still vulnerable, variants are spreading on ICS endpoints running newer operating systems by brute forcing admin shares and legacy malware are still widespread in IT and OT networks, spreading via removable drives. The report urged closer cooperation between IT security and OT teams to identify key systems and dependencies, such as operating system compatibility and up time requirements, to develop more effective security strategies.
The report offered several recommendations such as the importance of prompt patching, if this is not possible, consider network segmentation or virtual patching from vendors. Tackling post intrusion ransomware by mitigating the root causes of infection via application control software was also recommended, as well as restricting network shares and enforcing strong username and password combinations to prevent unauthorised access through credential brute forcing.