Are IT and OT losing the ransomware battle?


A report from Claroty finds ransomware attacks against critical infrastructures rampant, and paying ransoms often results in less downtime and lost revenue. Is there a way out?

istock-614154000.jpg
nevarpp, Getty Images/iStockphoto

If cyber-physical security company Claroty’s Global State of Industrial Cybersecurity 2021 report is any indication of the state of the war against ransomware, both IT and OT (operational technology) have been losing ground in their battles.

According to the report, 80% of critical infrastructure organizations reported experiencing a ransomware attack in 2021. Ransoms were paid 60% of the time (most frequently in the US, where 76% of ransoms were paid), and in more than half of cases those ransoms amounted to more than $500,000.

To tip the scales further into ransomers’ hands, the majority of respondents said revenue per hour losses due to ransomware downtime equaled or were greater than the ransom itself. Twenty-eight percent said that they still experienced “substantial impact to operations” despite paying the ransom, but that’s the sort of gamble businesses may be willing to take.

“These findings suggest that, despite the well-known downsides of paying the ransom, the alternative (revenue loss due to prolonged operational downtime) is too costly for most victim organizations to justify,” the report said.

SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)

Ransomware is just part of the story

The general gist of Claroty’s report goes beyond ransomware to define a trifecta of problems that caused unprecedented disruption in 2021: the aforementioned ransomware, increased speeds of digital transformation and a shift to remote work triggered by the COVID-19 pandemic that is unlikely to shift back in the next few years.

See also  What is Coda and why should you be using it?

In terms of industries hit the hardest, Claroty found that IT hardware, oil and gas, water and waste and automotive companies were the hardest hit, with 90% of respondents from those industries reporting their organization faced a ransomware attack in the last year. In the electric energy and heavy industry sectors that number is barely lower, with 87% reporting a ransomware attack in 2021.

Among those hit, roughly half report a substantial impact to more than one site or function of at least several days, and about half said that the ransomware affected either OT/ICS or both IT and OT/ICS systems.

More than 90% of respondents said that COVID-19 accelerated their digital transformation initiatives, which Claroty said necessitates enhanced connectivity between IT and OT networks. Herein lies the problem: OT networks and the hardware that lives on them isn’t always designed to have a connection to the internet, even if indirect.

“Changes to OT/ICS environments also introduce risk by creating additional vectors for attackers. Results have played out in the headlines and spurred renewed warnings by the government on the risk of connecting industrial networks to IT networks and the need for a heightened state of awareness and controls,” the report said.

Add to that the fact that 73% of respondents say that remote work at their organization is likely to continue for the foreseeable future and you have a recipe for a security nightmare that has been clearly spelled out before.

SEE: Password breach: Why pop culture and passwords don’t mix (free PDF) (TechRepublic)

How to minimize your OT/ICS trifecta risks

If remote work and OT/ICS-exposing digital transformation are what open you up to increased risk, then ransomware is what that increased risk opens you up to. Things may seem grim based on the numbers Claroty presents, but that’s not the conclusion it draws.

See also  Why your open-source project definitely should not be the next Kubernetes

“Organizations across the globe have strong executive leadership and trusted cybersecurity experts at the helm. Standing together, they are on the right track,” the report concludes.

Staying on the right track isn’t effortless though, which is why Claroty makes five recommendations to companies worried about facing more of the same risk trifecta in 2022:

  • Extend risk governance to include all industrial IoT, ICS, and enterprise IoT components: It’s these that introduce much of the risk to OT networks.
  • Segment your network to ensure nothing but essential communication passes between IT and OT networks. Claroty also recommends virtually segmenting OT and ICS networks to prevent lateral movement if an attacker is able to penetrate it.
  • Practice good OT/ICS/IoT cyber hygiene. This includes regularly updating devices, ensuring there aren’t any shared passwords being used, enacting MFA, and the like.
  • Implement monitoring software that can cross the boundaries between IT and OT networks. Make sure that IT and OT have access to the same information and reports to streamline management and mitigate risk.
  • Practice makes perfect, so be sure you run regular tabletop ransomware exercises. Have thorough after-action reviews to find weak spots, and shore them up with additional training, resources, and software as needed.



Source link

© 2022, Admin. All rights reserved.

istanbul escort aksaray escort arnavutköy escort ataköy escort avcılar escort avcılar türbanlı escort avrupa yakası escort bağcılar escort bahçelievler escort bahçeşehir escort bakırköy escort başakşehir escort bayrampaşa escort beşiktaş escort beykent escort beylikdüzü escort beylikdüzü türbanlı escort beyoğlu escort büyükçekmece escort cevizlibağ escort çapa escort çatalca escort esenler escort esenyurt escort esenyurt türbanlı escort etiler escort eyüp escort fatih escort fındıkzade escort florya escort gaziosmanpaşa escort güneşli escort güngören escort halkalı escort ikitelli escort istanbul escort kağıthane escort kayaşehir escort küçükçekmece escort mecidiyeköy escort merter escort nişantaşı escort sarıyer escort sefaköy escort silivri escort sultangazi escort suriyeli escort şirinevler escort şişli escort taksim escort topkapı escort yenibosna escort zeytinburnu escort porno 1080p porno izle 4k porno izle 720p porno izle abella danger alman alman porno alman porno izle aloha tube porno amatör amatör porno amatör porno izle anal anal porno anal porno izle arap porno asa akira porno asyalı porno bangbros porno bangbros porno izle banyoda sikis başörtülü porno beeg porno izle beyaz tenli porno izle biseksuel porno izle bisexsuel porno brandi love porno brazzers brazzers porno izle canli porno canli porno izle çinli porno çinli porno izle ensest porno ensest porno izle ensest seks erotik porno erotik porno izle esmer porno esmer porno izle etek altı fake agent fake taxi fake taxi porno fantazi pornoları fantezi porno izle fetiş porno fetiş porno izle fetish fransız porno fransız porno izle full hd hg porno izle gangbang porno genç kız porno izle genç kız sikişi genç teen porno izle gizli çekim porno gizli çekim pornosu grup pornosu grup porno grup porno izle hd pornolar hd porno hd porno izle hemşire porno hemşire pornosu hizmetçi porno hizmetçi porno izle ingiliz porno japon pornoları japon porno kızlık bozma kızlık bozma porno izle konulu porno konulu porno izle koreli porno köylü pornoları kumral porno kumral porno izle latin pornoları latin porno latin porno izle lezbiyen pornoları lezbiyen porno lezbiyen porno izle lisa ann porno liseli pornoları liseli porno liseli porno izle manken porno manken porno izle masaj porno izle masturbasyon porno izle masturbasyon pornoları mature porno mia khalifa porno mia malkova porno milf porno izle mobil porno mobil porno izle öğrenci porno izle öğretmen porno izle okul porno izle olgun kadın pornosu olgun porno oral porno oral porno izle oral seks porna izle pornhub pornhub porno izle porno film izle porno indir porno izle porno resimler porno star porntube porno izle redtube redtube pornoları riley reid porno rokettube rus pornoları rus porno rus porno izle sakso blowjob porno izle sarışın pornoları sarışın porno sarışın porno izle sarışın pornoları sekreter porno shemale sikiş sikiş sikiş izle şişman porno siyahi pornoları suriyeli pornoları swinger porno tecavüz porno teen porn türbanlı pornoları türbanlı porno türk pornoları türk porno türk porno izle türkçe altyazılı porno türkçe altyazılı porno izle xhamster pornoları xhamster porno xhamster porno izle xnxx xnxx porno xnxx porno izle xvideos xvideos porno izle yaşlı porno yeşilçam porno izle youjizz youporn youporn porno izle zenci porno güvenilir bahis siteleri bahis siteleri casino deneme bonusu casino siteleri deneme bonusu para yatırma bonusu bahis siteleri casino siteleribahis sitesi para yatırma