Why Have Industrial Companies Become So Vulnerable To Data Extortion?

2020 was a standout year for industrial data extortion. More companies have been affected by cyberattacks in recent months than in the last 15 years combined. With the industrial sector being the second most frequently targeted, some of the most notable data extortion cases included the ransomware attacks on the Colonial Pipeline and meat processor JBS. Experts are warning that the stakes are high and vulnerabilities are widespread. This does not, however, mean that industrial companies are powerless against cyberattacks.

 

Putting Conventional Cybersecurity To The Test

Cybersecurity flaws affecting industrial companies have been identified across control systems provided by specific vendors, along with device configurations, network segmentation, outdated software, lacking system maintenance, and weak passwords. Many of these issues were uncovered through venerability tests, in which researchers will imitate criminal hacking attempts. The simulated cyber attacks found that industrial companies are relying on systems that are especially easy to penetrate and that conventional protections against such attacks could be swiftly bypassed.

System infrastructure analysis completed by security company Positive Technologies found that in all cases of cyberattacks, industrial internal networks could be fully taken over when attackers obtain user credentials. In 75 percent of cases, attackers were able to gain access to technological segments of a network and in just under 70 percent of cases, they were able to steal email correspondence, internal documentation, and other sensitive data. Positive Technologies’ also found that more than 90 percent of industrial organizations could be externally accessed by an attacker.

How Can Ransomware Risks Be Reduced?

Though alarming, there are steps that industrial companies can take to greatly reduce the risk of data extortion and other attacks. Relying on systems that simply scan for and send alerts that detect nefarious actors already targeting infrastructure is usually ineffective. Instead, experts are recommending that industrial companies invest in their own simulations that will identify specific vulnerabilities in their systems. It is also recommended that organizations stay abreast of system requirements and avoid vendors that are most likely to invite common risks. Additionally, simple steps like training employees on security protocol and keeping all connected devices up to date can reduce the chances of a breach.

Out-of-service gas pumps due to panic buying after the Colonial Pipeline cyberattack at the Wawa along Air and Space Museum Parkway in Oak Hill, Fairfax County, Virginia. Credit: Famartin

Since more high-profile attacks have occurred in industrial sectors, have you examined your cybersecurity?  Has your organization been affected by data extortion attempts or other cyberattacks? Comment and share your experience.

ABOUT JBS

JBS Foods is a global, diversified protein company creating delicious products for customers and consumers around the world. We are driven by our mission to be the best and committed to responsibly producing products people trust and enjoy.

JBS Foods is the leading beef producer in the world, with operations in the United States, Australia and Canada.

JBS Foods is the majority shareholder of Pilgrim’s, the leading poultry producer in the world, with operations in the United States, the United Kingdom, Mexico and Puerto Rico.

JBS Foods is the second largest pork producer in the world, with operations in the United States, Brazil, the United Kingdom and Australia.

Article Sources:

https://venturebeat.com/2021/09/05/the-common-vulnerabilities-leaving-industrial-systems-open-to-attack/

https://venturebeat.com/2021/03/29/canalys-more-data-breaches-in-2020-than-previous-15-years-despite-10-growth-in-cybersecurity-spending/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top