December 7, 2023 at 02:05PM
Over 75% of industrial firms experienced ransomware attacks last year, with 54% impacting operational technology. Attacks increased due to the industrial sector’s vulnerability and tendency to pay ransoms. Despite increased IT and OT security incidents, industrial sectors remain primary targets, with geopolitical tensions exacerbating threats. Victims often pay ransoms, urging greater government intervention in OT security.
Meeting Takeaways:
1. Prevalence of Ransomware Attacks:
– 75% of industrial firms have experienced a ransomware attack in the past year.
– Attacks have increasingly targeted operational technology (OT) systems.
– More than half of industrial firms (54%) saw ransomware impact their OT directly or via linked IT systems.
2. Increase in Attacks and Impact:
– There has been an increase in OT systems impacted by ransomware: from 47% in 2021 to 54% in the past year.
– Incidents where both IT and OT systems were affected rose from 27% in 2021 to 37% in 2023.
3. Specific Cases and Industry Trends:
– Examples of attacks include those on Aliquippa Municipal Water Authority and Bridgestone.
– The industrial sector is the top target for ransomware, making up a third of all attacks.
4. Factors Behind the Surge in Attacks:
– Industrial firms are likely to pay ransoms (67%) to avoid operational disruptions.
– Companies’ willingness to pay depends on their revenue, with larger companies more likely to pay.
5. Third-party Providers as Additional Vulnerabilities:
– All top-10 energy firms in the U.S. have been affected by a third-party provider breach.
– Third-party compromises have led to broader impacts across the energy sector.
6. The Role of Extortion in Cyberattacks:
– There is an emerging trend of extortion attempts leveraging the threat of exposed data rather than the traditional deployment of ransomware.
7. The Need for Enhanced Government Support and Regulation:
– Smaller, local critical infrastructure entities often lack sufficient cybersecurity due to economic constraints.
– Government intervention is necessary to help underfunded sectors improve their cybersecurity posture.
8. Recommendations for Industrial Firms:
– Focus on visibility, incident response planning, and regular exercises to ensure preparedness across all stakeholders.
These takeaways distill the discussion points from the meeting notes and outline the core issues, statistics, and strategies for addressing the rise in ransomware attacks on industrial firms and their OT systems.