Cyber-criminals are known for taking advantage of large-scale disasters that influence online behavior trends. In 2020 threat actors stepped up their attacks by exploiting the global shift of focus on the Covid-19 health crisis. Although these same risks existed in the pre-Covid-19 world, they were amplified dramatically, as remote connection solutions became a go-to solution for almost every business worldwide.
Remember the first time you read about Covid-19? Did you imagine you would be living the Coronavirus experience a year later? Well brace yourself for the next wave of cyberattacks. A new type of threat that crept upon the world in 2020.. It’s called "industrial cybercrime". Potentially, the two most important words you’ll hear in 2021.
Know Your Enemy, Understanding the New Threat
So what is industrial cybercrime? In the past, hackers attacked locations that stored data and shut down computer systems. Today, they are taking it to the next step and figuring out how easy it is to attack companies' physical assets - or in other words, the actual machines used to manufacture everything we consume, from cars to food to vaccines. So instead of shutting down a social media account or a website, hackers can shut down a company's production floor, or an electric company's entire grid. While we can all live without Facebook for a few days, no one wants to live without food, medicine or electricity! Yes, the attacked companies eventually get their things moving again, but this can cause a worldwide shortage of things that we need and consume.
There is even a new form of ransomware out there. Hackers threaten companies that they have to pay hundreds of thousands of dollars or they will shut down the company, or worse, give out customers' personal information. In one example, hackers published personal info - including drivers' licenses of an insurance company's customers. One day, they may learn how to stop pills - or even vaccinations - from being produced.
2021 Industrial Crime Predictions
According to industrial cybersecurity and cyber risk management company OTORIO, the number of industrial ransomware attacks is rising fast, and with it the average payout. An easy way to attack any company is via remote access. Instead of attacking a company directly, attackers hone in on a supply chain vendor who has remote access to the targeted company. Remote access tools are known to have vulnerabilities - often granting automatic over-reaching privileges by default when adding a new user.
When ransomware hits an industrial company, it may force a complete production shutdown, flat-lining important revenue-generating activities. OTORIO notes that in 2021, we will see a substantial increase in the number of companies affected by ransomware. And rather than settling for data theft, cybercriminals will increase their attempts to disrupt production by preying on production floors and backup systems.
As the potential damage of industrial cybersecurity rises, 2021 will see executive boards and C-level management becoming more involved in the security of operational assets. Managers will also be responsible for OT cybersecurity and OT threat intelligence. When company profits drop, management jobs are on the line and accountability will be a bigger issue going forward. According to OTORIO, there is no doubt that industrial cybersecurity will be added to the list of concerns that executive boards will be concerned with in 2021.
Geopolitics will also play a bigger role in industrial cyberattacks. Operators of critical infrastructure (water, transportation, electricity, oil & gas) need to be aware that they are on the front lines for adversary nation-states attacks. OTORIO recommends early preparation and taking proactive measures via penetration tests, incident response drills and even increased intelligence and detection.
OTORIO also states that a paradigm change is expected within the cybersecurity world. In the past, threat detection was the name of the game when it came to industrial cybersecurity. Detect the threat immediately, put out the fire, and call it a day. With the rising stakes depicted above, a new paradigm of threat avoidance is required. The act of detecting a threat is rapidly turning into a matter of "too little, too late".
Industrial organizations need to secure their revenue-generating operations from the rising threat of cyber-crime. Applying predictive risk avoidance approaches appear to be ideal for mapping potential - and obvious - gaps in their security posture - long before real-life breaches occur. In doing so, they can make sure that 2021 will indeed be a better year than its predecessor.