Search
Close this search box.

Risk of data theft from ransomware attacks is growing

ransomware

A new report highlights the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. “Industrial Control Systems are incredibly challenging to secure, leaving plenty of gaps in protection that threat actors are exploiting with growing determination,” Ryan Flores, senior manager of threat research for Trend Micro, said. “Given the US government is now treating ransomware attacks with the same gravity as terrorism, we hope the latest research will help industrial plant owners to prioritise and refocus their security efforts.”

Industrial Control Systems (ICS) are a crucial element of utility plants, factories and other facilities, where they are used to monitor and control industrial processes across information technology (IT) and occupational therapy (OT) networks. If ransomware finds its way onto these systems, it could knock out operations for days and increase the risk of designs, programs, and other sensitive documents finding their way onto the dark web.

The report highlighted how threat actors are infecting ICS endpoints to mine for cryptocurrency using unpatched operating systems which are still vulnerable, variants are spreading on ICS endpoints running newer operating systems by brute forcing admin shares and legacy malware are still widespread in IT and OT networks, spreading via removable drives. The report urged closer cooperation between IT security and OT teams to identify key systems and dependencies, such as operating system compatibility and up time requirements, to develop more effective security strategies.

The report offered several recommendations such as the importance of prompt patching, if this is not possible, consider network segmentation or virtual patching from vendors. Tackling post intrusion ransomware by mitigating the root causes of infection via application control software was also recommended, as well as restricting network shares and enforcing strong username and password combinations to prevent unauthorised access through credential brute forcing.

Read more of our news stories here!

CTS The industrialisation of IT
CTS - Industrialisation of IT
Related Posts
CTS The industrialisation of IT
Others have also viewed

UK businesses see boosting connectivity as integral to growth

Study reveals a great opportunity for alternative network providers (AltNets) to meet growing demand for ...
centre

Germany Energy Efficiency Act demonstrates importance of data centre supply chain collaboration

Following the signing into law of Germany’s Energy Efficiency Act (EnEfG), energy solutions specialist Aggreko ...

Systemair look to Infor’s cloud solution to deliver more sustainable products

Systemair is moving its core business system to Infor CloudSuite Manufacturing, aiming at smoother integration ...
Data Centre

Vertiv collaborates with Intel on liquid cooled solution

Vertiv is collaborating with Intel to provide a liquid cooling solution that will support the ...