Security threat to critical infrastructure reaches record high

Industrial organizations are speeding up their digital transformation efforts in order to better navigate the Covid-19 pandemic, but have attracted the attention of cybercriminals in the process.

A new report from Nozomi Networks Labs found that 2020 was a record-breaking year in terms of the weaponization of the supply chain, as well as the number, sophistication and destructive force of ransomware.

The report claims that all of the popular ransomware variants – including Netwalker, Egregor or Ryuk – switched from simply encrypting files to exfiltrating data too. Many ransomware operators now steal sensitive data and threaten to release it into the wild, unless their ransom demands are met. Some have also started cold-calling and emailing executives, as a means of further intimidation.

The report also describes the SolarWinds attack as an “unprecedented” event that demonstrates the “massive potential” of attacks that exploit weaknesses in the supply chain.

Healthcare was also a prominent target last year, with nation states using off-the-shelf red team tools to execute attacks and engage in cyber-espionage, and with Covid-19 research facilities being of particular interest.

“While threats may be on the rise, the technologies and practices to defeat them are available today,” said Edgard Capdevielle, Nozomi Networks CEO. “It’s never been more important or more possible to take the necessary steps to detect and defend critical infrastructure and industrial operations.”

Source link