Cyberattacks: What’s in Your Wallet?
The original version of this article was pulled from Food Engineering featuring Kevin Romer, Principal Engineering and Matt Smith, network architect IT/ICS for E Tech Group.

Cybercriminals Custom-Tailor Their Ransom Demands To Your Budget

According to the FBI, the three most common IT/OT (operational technology) infection vectors are email phishing campaigns (aka BEC or business email compromise), remote desktop protocol (RDP) and software vulnerabilities. While some hackers may intentionally want to bring down your production systems using the second and third vectors, “we’re only in it for the money” is a far better motive for breaking into your IT/OT systems, and what better way to do it than through the phishing emails scattered among the zillions of emails you get every day? Accidentally clicking on one email link can quickly connect you with ransomware, which can shut down not only your business system but also your production systems, if they’re not protected.

The Role Subpar Control Systems Play in Cyber Attacks

“Once inside an organization, ransomware groups and affiliates will often take advantage of the misconfigurations within an organization’s Active Directory security posture,” says Marty Edwards, Tenable deputy CTO of OT/IoT. “Gaining domain privileges provides attackers with the necessary capabilities to distribute their ransomware payloads across the entire network.”

According to the IBM “X-Force Threat Intelligence Index 2022,” ransomware was the number one attack type in 2021, accounting for 21% of all attacks. According to a 2022 SANS Institute survey, 40.8% of OT/industrial control systems (ICS) compromises came down from business IT systems. To safeguard production systems, manufacturers need to isolate OT from IT systems, or at the very least be able to disconnect quickly when IT systems are infected.

Secure Automated Systems Require IT/OT Separation

In this article, we look at IT attacks and …