Sectrio

Rising ransomware attacks point to a larger cybersecurity problem

By Prayukth K V
February 4, 2022
Rising ransomware attacks point to a larger cybersecurity problem

In January 2022, we witnessed a huge rise in ransomware attacks specifically on IoT and IT networks. Most of these attacks were designed to lock up the data, copy parts or whole of it and then dump the data on the Dark Web. If media reports are to be believed, many organizations that ended up paying a ransom didn’t get their data back.

If we break up the ransomware problem, we can identify these as the key attributes of the bigger challenge posed by ransomware to businesses:

  • Insider threat: emerging from employees or partners willingly or unwittingly ending up aiding hackers. Learn more about dead drops
  • Rising potency of ransomware: hackers have invested extensively in ramping up the facilities behind ransomware production and distribution and this is the reason behind 2021 turning into a very successful year for hackers
  • Growing ransom demand: there are contrasting reports on what was the highest ransom demand placed last year but it can be easily inferred that the ransom rates have certainly grown significantly in 2021
  • The rising role of enablers: while the number of ransom developers is growing, so is the role of the enablers. These include negotiators and even professional breach enablers who help in placing the ransomware in the target networks
  • Bleeding data: in December 2021, the volume of new data dumped on the Dark Web rose by nearly 3 TB. 
  • Hackers are now more aware of the vulnerabilities, cybersecurity gaps, and process deficiencies associated with IoT, IT, and OT in businesses and they are using this information to breach assets and networks   

What can businesses do to protect themselves from ransomware attacks?

  • In sectors like manufacturing, pharma, defense, and retail, cybersecurity needs to be embedded into supply chains and feeder processes
  • For small and medium businesses, operational visibility and visibility into networks at all times is a must.
  • Oil and gas (upstream and downstream operators) is a sector that has been traditionally vulnerable to a range of threats. Oil and gas companies need to harden their operations from a cybersecurity perspective and revisit their processes and cybersecurity practices to align them with the new cyber threats and challenges that are emerging in the background
  • Healthcare firms need to ramp up their IT security and invest extensively in securing their data
  • Micro-segmentation: involving fragmenting networks to enable greater visibility and granular enforcement of cybersecurity policies is a must deploy cybersecurity measure   
  • Industrial Control Systems and health and safety systems should be especially protected as these could not just create an operational challenge for businesses but more importantly, could create a health and safety hazard for employees working in manufacturing plants that deal with oil and gas products and other complex and dangerous chemicals
  • Cybersecurity audits should be conducted at least once a month. There are many available formats for conducting this. We have created one for you here that is aligned with the NIST framework
  • Encourage employees to report incidents and incentivize them to proactively detect and report vulnerabilities or security gaps
  • Businesses connected with a long tail and short tail supply chains should collaborate to arrive at common security standards and measures that they can deploy together
  • Enforce a no-click policy for suspicious emails
  • Look at opting for multiple vendors for obtaining your threat intelligence feeds

Looking at improving your IoT, OT, and IT cybersecurity, consult an expert from Sectrio for free. Book your slot now.

Try out our threat intelligence feeds and improve your threat hunting capabilities.

See how our OT-IoT-IT security solution can handle such threats to your enterprise. Book a no-obligation demo. 

Improve your cybersecurity through OT and IoT focused threat intelligence feeds free for 15 days

Get access to enriched IoT-focused cyber threat intelligence for free for 15 days  

OT and IoT Security standards and Best Practices for CISO's

Download our CISO IoT and OT security handbook  

Access our latest Global Threat Landscape report  

Key Points

Get the latest news and insights beamed directly to you

Share

Key Points

Get the latest news and insights beamed directly to you

Share

Rising ransomware attacks point to a larger cybersecurity problem

Read More

Protecting your critical assets is only a few steps away

Scroll to Top