fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

LockBit, Conti Most Active Ransomware Targeting Industrial Sector

LockBit, Conti Most Active Ransomware Targeting Industrial Sector

Ransomware attacks extended into the industrial sector last year to such a degree that this type of incident became the number one threat in the industrial sector.

Two ransomware groups, LockBit and Conti, have been most active compromising organizations with an Industrial Control System (ICS)/Operational Technology (OT) environment in 2021.

Ransomware threat is frequent in the manufacturing sector

A report today from industrial cybersecurity company Dragos highlights that the industrial sector has become a more attractive target for both financially motivated adversaries and actors linked to state-sponsored groups.

Also Read: The Competency Framework: A Guide for Managers and Staff

Monitoring the threat activity in the industrial sector last year, the company discovered a jump in ransomware incidents targeting ICS/OT networks.

According to Dragos’ findings, the most common targets for ransomware groups were in the manufacturing sector, with 211 attacks accounting for 65%, followed by 35 successful compromises of companies in the food and beverages business, and 27 attacks against entities in the Transportation sector.

The researchers note that the manufacturing vertical is the most exposed to attacks because this “sector is often the least mature in their OT security defenses.”

An overview of the security of these companies reveals a troubling trend, the researchers say based on data collected during customer engagements

Many organizations have very limited visibility into the infrastructure, fail to properly segment network perimeters, have many devices with an external connection, and a large percentage of shared credentials between the enterprise network (IT) and the OT environment

The problems above lay the ground for successful attacks, allowing threat actors to pivot from the IT network into the OT segment, even if breaching the latter is not the main goal.

Also Read: Personal Data Protection Act Australia

This allowed the ransomware threat to become the number one cause for compromises in the industrial sector, the researchers note in the report.

“While ransomware mainly targets enterprise IT systems, there are a number of instances when it does impact OT directly and in integrated IT and OT environments” – Dragos

After gaining access to the IT network to execute the ransomware component, adversaries can move laterally into OT systems, allowing them to ask for larger ransoms by causing a more damaging impact.

LockBit and Conti attacks in ICS sector

Of the ransomware groups attacking the industrial infrastructure, LockBit and Conti are by far the most active, accounting for 51% of the incidents.

According to Dragos, the two ransomware groups are responsible for 166 attacks on companies in the ICS sector, LockBit accounting for 103 incidents and Conti for 63. The latter has taken control of the TrickBot operation recently and will likely increase its incursions into OT networks.

In 70% of all the ransomware incidents that Dragos analyzed, the targets were in the manufacturing sector, the most affected subsectors being metal products, automotive, plastics, technology, and packaging.

Ransomware threats are not showing any decline, despite governments prioritizing law enforcement efforts to bring ransomware-as-a-service (RaaS) operators and their affiliates to justice.

Dragos has high confidence that this threat will keep disrupting industrial operations and OT environments in 2022 because of either of the following three factors:

  • Actors integrate OT kill processes into ransomware payloads
  • Operators shutting down OT environments to prevent ransomware from spreading to the OT systems from the IT network
  • Adoption of the simplified flat network design to lower cost and maintenance effort by reducing the number of routers and switches, which leads to a less secure environment due to lack of segmentation

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us