According to Veeam’s 2024 Ransomware Trends Report, cyber victims stated that they were unable to restore 43 percent of whatever data was affected by ransomware attacks. This reaffirms what a number of Security Breach guests have stated about trusting hackers after paying their extortion demands.
Another finding shows that 63 percent of ransomware attack victims restored the compromised systems directly back into their production environment, without some type of quarantine or scanning method. The risk here, obviously, is simply bringing the ransomware right back to where you removed it. This is a big contributor to the ongoing frustrations associated with dwelling, or living-off-the-land attacks.
As much as we’d like it to, ransomware simply won’t go away. Part of this stems from a hacking community that continues to draw from a growing treasure chest of financial and technical resources. The other part is that we continue to fall short in executing some of the basic blocking and tackling of cybersecurity, like protecting logins, improving visibility of our OT environment, and securing key devices.
In this episode, John Terrill, vice president of Phosphorus, a leading provider of security management services and solutions, offers his take on ransomware, as well as:
- How hackers are using replicable tool kits in moving from system to system or victim to victim in the industrial sector.
- Moving past the mindset that vulnerabilities are only a problem if they can’t be exploited – hackers will them.
- How those in cyber defense need to unlock their “creative maliciousness”, or take a similar approach to hackers in not being afraid to move around the system and potentially break stuff in order to identify soft spots in defenses.
- Why he prefers homegrown OT security expertise.
- The increasing benefits emanating from political discourse on cybersecurity.
- Remembering that non-OT systems, like HVAC or elevators, can be inroads to the ICS, and need to be defended as part of the OT landscape.
- Why we need to look at OT assets like computers, not just machines.
- How to overcome segmentation and micro-segmentation challenges.
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].