\n<\/p>\n
\n Latest report highlights United States as the prime target of global threat actors <\/p>\n
HONG KONG SAR –\u00a0Media
Click here to read a full copy of the report,\u00a02020
“Industrial
Industrial
If
Trend
The
The
Trend
\nOutReach<\/a>\u00a0–\u00a05 July 2021\u00a0–\u00a0 (;), a global cybersecurity leader, today released a new report highlighting
\nthe growing risk of downtime and sensitive data theft from ransomware attacks
\naimed at industrial facilities.<\/p>\n
\n
<\/p>\n
\nReport on Threats Affecting ICS Endpoints<\/i>:\u00a0<\/b>https:\/\/www.trendmicro.com\/vinfo\/hk\/security\/news\/internet-of-things\/2020-report-ics-endpoints-as-starting-points-for-threats<\/a>\u00a0\u00a0<\/p>\n
\n
<\/p>\n
\nControl Systems are incredibly challenging to secure, leaving plenty of gaps in
\nprotection that threat actors are clearly exploiting with growing
\ndetermination,” said\u00a0Ryan Flores<\/span>, senior
\nmanager of forward-looking threat research for Trend Micro. “Given the US
\ngovernment is\u00a0now
\ntreating ransomware attacks<\/b><\/a>\u00a0with the same gravity as terrorism, we hope our latest
\nresearch will help industrial plant owners to prioritize and refocus their
\nsecurity efforts.”<\/p>\n
\n
<\/p>\n
\nControl Systems (ICS) are a crucial element of utility plants, factories and
\nother facilities\u2014where they’re used to monitor and control industrial processes
\nacross IT-OT networks.<\/p>\n
\n
<\/p>\n
\nransomware finds its way onto these systems, it could knock out operations for
\ndays and increase the risk of designs, programs, and other sensitive documents
\nfinding their way onto the dark web.<\/p>\n
\n
<\/p>\n
\nMicro’s report found that Ryuk (20%), Nefilim (14.6%), Sodinokibi (13.5%) and
\nLockBit (10.4%) variants accounted for more than half of ICS ransomware
\ninfections in 2020.<\/p>\n
\n
<\/p>\n
\nreport also revealed:<\/p>\n
\n
<\/p>\n\n
\ncryptocurrency using unpatched operating systems still vulnerable to
\nEternalBlue.<\/b><\/li>\n
\nnewer operating systems by brute-forcing admin shares.<\/b><\/li>\n
\nwidespread in IT\/OT networks, spreading via removable drives.<\/b><\/li>\n<\/ul>\n
\n
<\/p>\n
\nreport urged closer cooperation between IT security and OT teams to identify
\nkey systems and dependencies such as OS compatibility and up-time requirements,
\nwith a view to developing more effective security strategies.<\/p>\n
\n
<\/p>\n
\nMicro makes the following recommendations:<\/p>\n
\n
<\/p>\n\n
\nnot possible, consider network segmentation or virtual patching from vendors
\nlike Trend Micro.<\/li>\n
\nmitigating the root causes of infection via application control software, and
\nthreat detection and response tools to sweep networks for IoCs.<\/li>\n
\nstrong username\/password combinations to prevent unauthorized access through
\ncredential brute forcing.<\/li>\n
\nnetwork behavior to better spot suspicious activity.<\/li>\n
\nenvironments using standalone tools.<\/li>\n
\ncheck the removable drives used to transfer data between air-gapped endpoints.<\/li>\n
\nOT network admins and operators.<\/li>\n<\/ul>\n
\n
<\/p>\n