The Cybercrime Gold Mine: Ransomware Risks in OT and ICS Platforms

Apr 22, 2021

The Cybercrime Gold Mine: Ransomware Risks in OT and ICS Platforms Image

When it came to cyber risk in 2020, ransomware reigned supreme. Instances of ransomware grew by more than 150% in 2020 alone, and this trend doesn’t look to be going anywhere. There was also a notable increase in the severity of attacks based on a few metrics. For 2020, the average ransom demanded increased by over twofold and amounted to $170,000 on average. Affected organizations also experienced 18 days of downtime on average due to attacks, and before encrypting data for impact, ransomware operators spent on average 13 days in compromised networks.

Following this trend was the threat ransomware posed to operational technology (OT) and industrial control systems (ICS) during this time. According to IBM, ransomware attacks were the most common threat to OT during 2020 and made up a third of all attacks on OT. This suggests that cybercriminals may be explicitly targeting organizations with OT networks. This trend is only ramping up due to these organizations’ low tolerance for downtime, meaning vigilance amongst organizations with OT networks should be at an all-time high as more cybercriminals shift their gaze to these industries.

When it comes to ICS, vulnerabilities are concerning as they increase the risk for operational technology systems and have the potential to lead to destructive kinetic effects. Vulnerabilities in these platforms have consistently risen since 2011, reaching an all-time high in 2020 and a 49% year-over-year increase in 2020 alone, as reported by IBM. According to Claroty, more than 70% of ICS vulnerabilities disclosed in the second half of 2020 can be exploited remotely, further highlighting the importance of protecting internet-facing ICS devices and remote access connections.

The potentially devastating effects of attacks on OT are not limited to ransomware. OT threats can lead to real-world impacts: chemical spills, machinery malfunctions, and the compromised safety of users. The effects of these threats can be even more devastating financially and have long-term implications on an organization’s image and its relationships with its customers.

OT network’s low tolerance for downtime and the potentially devastating real-world effects of attacks on OT makes its protection especially imperative. As cybercriminals increasingly target these systems, it’s essential to understand the risks. Secuvant can help identify the specific risks facing your organization and take steps to mitigate these risks. Secuvant works with organizations of all sizes and can develop a personalized plan that fits your budget and ensures you’re prepared for whatever comes your way. Learn more about Secuvant’s superior cybersecurity services, how we can benefit your organization, and talk to a Secuvant Expert today.

About Secuvant:

Located in Salt Lake City, Utah, Secuvant is a global leader in integrated cyber threat analytics and risk advisory services, built on a value system of client focus, integrity, accountability, execution, and teamwork. Secuvant’s mission is to provide clients with a Clear Path Forward in their pursuit of establishing an acceptable security risk posture. Secuvant’s success is built upon strict adherence to its values, a functioning world-class advisory board, the unique combination of cybersecurity expertise and industry / vertical specialization, and a team of experts that repeatedly deliver best-in-class managed and advisory cybersecurity and risk services. Secuvant understands Cyber Risk is Business Risk™ and uses methodologies and metrics aimed at minimizing business risk. Services include, but are not limited to, Security Gap and Risk Assessments, Risk Program Management, Executive and Board Cyber Advisory, Penetration Testing, Security Monitoring, Managed Detection and Response and Incident Response services. To learn more, visit www.secuvant.com.

Sources

“Number of ICS Vulnerabilities Disclosed in 2020 up Significantly.” Help Net Security, 4 Feb. 2021, www.helpnetsecurity.com/2021/02/05/number-of-ics-vulnerabilities/

“Number of Ransomware Attacks Grew by More than 150%.” Help Net Security, 3 Mar. 2021, www.helpnetsecurity.com/2021/03/08/ransomware-attacks-grew-2020/.

“X-Force Threat Intelligence Index.” IBM Security, 5 Feb. 2021, ibm.ent.box.com/s/hs5pcayhbbhjvj8di5sqdpbbd88tsh89