Attacks on Operational Technology From IBM X-Force and Dragos Data


Operational Technology Threats in 2021: Ransomware, Remote Access Trojans and Targeted Threat Groups


Organizations with operational technology (OT) networks face many unique — and often complicated — considerations when it comes to cybersecurity threats. One of the main challenges facing the community is the convergence of an increasingly OT-aware and capable threat landscape with the digital transformation of the industrial community. This comes at a time when organizations have historically prioritized preventive controls (segmentation, patching, authentication, anti-malware, etc.) well ahead of visibility into their OT networks and the ability to detect and respond to issues. This creates significant risk, and it is made more complicated because many industries also face aging infrastructure and consequences that can manifest in the physical world, including safety impacts and environmental damage.


To delve deep into the threat landscape for organizations connected to OT and industrial control system (ICS) environments, IBM Security X-Force threat intelligence analysts worked jointly with Dragos, a firm that specializes in OT and ICS cybersecurity, to investigate some of the major intrusion trends that may impact OT and ICS environments.


The research shows that ransomware and remote access Trojans are the most common attack types against enterprise networks connected to OT networks.


Ransomware specifically has direct impacts as it moves from enterprise networks into OT networks and causes costly operational outages.
The remote access Trojans highlighted in this analysis are those utilized by OT-specific threat groups as they leverage this capability to gain access to enterprise networks and then move from Stage 1 to Stage 2 operations as def ..
