Cyber criminals are increasingly targeting industrial control systems that control cyber-physical systems in the hope of big pay days.
Ransomware attacks are targeting legacy industrial control systems (ICS) and more needs to be done to secure networks at industrial facilities against the threat of being disrupted by cyber criminals attempting to make money from extortion.
A report by cybersecurity researchers at Trend Micro warns that ransomware is “a concerning and rapidly evolving threat to ICS endpoints globally” with a significant rise in activity during the past year.
The motive behind ransomware attacks is simple – making money. Cyber criminals know that by hitting the industrial control systems used to operate factories and manufacturing environments, which rely on constant uptime, they have a good chance of getting paid.
These networks, and the ones that support utilities like water and power, need to be fully operational in order to provide services and the longer the network is down, the more disruption there will be, so the victim might make the decision to give in and meet the ransom demand of the cyber criminals.
“The underground cybercrime economy is big business for ransomware operators and affiliates alike. Industrial Control Systems found in critical national infrastructure, manufacturing and other facilities are seen as soft targets, with many systems still running legacy operating systems and unpatched applications. Any infection on these systems will most likely cause days if not weeks of outage,” said Bharat Mistry, technical director at Trend Micro.
Recent examples of successful ransomware campaigns like the attack against meat processor JBS demonstrate just how lucrative ransomware can be, as cyber criminals using REvil ransomware were able to make off with $11 million in bitcoin.