The Predictions Were Right: In 2021, Ransomware will Physically Impact Operations

15 Mar 2021

The #1 prediction in OTORIO’s Industrial Cybercrime Impact Report and 2021 Predictions was that ransomware would physically impact production in 2021. Three months into this year, we can sadly say that prediction has come true.

Since January, attackers managed to physically affect the operations of large manufacturing plants and critical infrastructure sites alike. Here are a few of the major operational disruptions caused by cyberattacks thus far in 2021:

  • In January, the paper and packaging giant WestRock Co fell victim to a ransomware attack. The attack has caused severe disruption in the company’s production and shipping capabilities. 

  • In February, hackers gained access to the water treatment system of Oldsmar, Florida, a town of nearly 14,000 residents. They manipulated the water supply’s sodium hydroxide (lye) levels - which could have endangered thousands of lives had it not been detected so quickly by a resourceful employee.

  • In another severe attack in February, a French hospital was hit by the Egregor ransomware. The hospital experienced severe operational disruption, shutting down critical care to patients during a global pandemic.

  • Just this week, in March, it was brewer Molson Coors’ turn. A cyberattack disrupted brewing operations and shipments of the multinational drink and brewing company. The company is still working on getting its systems back up. 

OT Cybersecurity ≠ IT Cybersecurity

Unlike IT networks, where attacks impact data, in operational (OT) networks - like those of WestRock, Oldsmar water treatment, Dax-Côte d’Argent hospital, and Molson Coors - attackers can take control over physical assets and cause severe damage ranging from production slowdown to substantial risk to human life. 

IT solutions are not suitable for OT networks. They focus on post-infection detection and on mitigation steps that require downtime. Yet even highly risk-aware industrial enterprises still focus primarily on IT solutions, including for the OT network. As a result, despite the clear and present danger, OT networks often remain unprotected.

Operational networks control the heart of industrial production and critical operations, and they consist of legacy systems and devices, some of which entirely lack modern cybersecurity capabilities. This makes OT networks more vulnerable to cyberattacks, and threat actors know this. Hackers target operations because they understand that, given the mission-critical nature of the systems under attack, they are more likely to get a ransom.

Don’t let hackers shut down your operations

Manufacturers, industrial companies, and any organizations that rely on physical infrastructure to maintain business continuity should be prepared for the next cyberattack. By adopting OT incident response solutions that provide complete visibility over cybersecurity posture in the oft-neglected operational environment, OT security stakeholders can proactively apply feasible risk mitigation steps and make sure no one will shut down operations.
