Recent shutdowns of the Colonial Pipeline and JBS meat packing plants are only the latest evidence of a continuing trend. Ransomware is responsible for all OT shut-downs due to cyber attacks since at least the beginning of 2020. Today’s most sophisticated ransomware groups use the tools and techniques that only a few years ago were the sole domain of nation state adversaries: command and control centers, manual remote operation, stealing credentials, lateral movement, data theft and eventually encryption and extortion.

There was a day when owners and operators recognized the power of nation-state attacks but thought to themselves, “yes, but I’m not that important – why would a nation state ever target me?” The answer is now clear: profits.

Multi-million-dollar ransoms are paid routinely by ransomware victims to criminals who use nation-state tools and techniques. Which businesses are today’s targets? Everyone with money.

Abundance of Caution
With rare exceptions, OT shutdowns are not the result of attackers targeting physical operations. Instead, these shutdowns are due, either to crippled IT systems that are essential to operations, or to the victim enterprise not being sufficiently confident of the strength of their IT/OT protections. Without such confidence, owners and operators must shut down their pipelines and manufacturing systems to prevent the potential for unacceptable physical consequences. Public disclosures of these shutdowns generally use keywords such as “pre-emptive” or “abundance of caution.”

Ahead Of the Trend
The ransomware trend shows every indication of worsening in the years ahead. Profitability is driving steadily increased sophistication in criminal tools and techniques. Trying to mitigate these risks with firewalls and intrusion detection systems is a cat-and-mouse game – every year, the mitigations get a little cleverer, but so do the attacks.

To get ahead of ransomware risks to OT networks, don’t mitigate cyber risks, eliminate them with Waterfall’s Unidirectional Security Gateways.

To learn more about Waterfall’s unidirectional protections, or to explore how your OT network designs can benefit from eliminating the risk of targeted attacks, please contact Waterfall for a free consultation with a unidirectional solutions architect.