Palo Alto networks has a frightening prediction for 2017. Ransomware successfully penetrates and attacks Critical Infrastructure systems. In the Palo Alto publication, they describe what a successful attack would look like, as well potential pay out for the criminals. This is a disturbing development, and should not be taken lightly. Kaspersky in December highlights ransomware attacks on industrial companies. The trend is not looking good. While this type of attack would require a sophisticated and technologically savvy attacker, it is (to quote from Star Wars) “possible to find a weakness and exploit it.” (We know how that one ended). There are already published alarming reports of ransomware specifically targeting ICS controls, and should put organizations on alert to protect not just their IT infrastructure, but also protect their Operational Technology (OT) as well.
The cyberwire podcast provides some good insight on ICS/SCADA concerns. The bottomline is 2017 looks to be the year where ransomware makes the jump from IT to OT. Couple this with the ability to physically disable systems, cybercriminals have a new group of hostages, and have no issue with killing them to send a message.
All FUD (fear, uncertainty and doubt) aside, having a solid back-up system, incident response plan and ransomware awareness plan are good steps to reducing the ransomware impact. Preparation is key, the adage of ‘an ounce of prevention is worth a pound of cure’ is as true as it ever was!
Author: Ernest Ferraresso @JTI_EFerraresso (Twitter)
Ernest Ferraresso is the JohnsTek Director of Operations.