New SCADA Flaws Allow Ransomware, Other Attacks

By   ISBuzz Team
Writer , Information Security Buzz | May 01, 2017 12:02 am PST

Following the DBIR Verizon report, Ransomware [using technology to extort money from victims] saw a 50% rise from 2016, and a huge jump from the 2014 DBIR where it ranked 22 in the types of malware used, to 5th place this year.

SCADA devices are not immune as an expert has shown that ransomware attacks, dubbed ‘Scythe,’ can infect firmware and disrupt regular processes. Proof of Concept ransomware has also be designed that targets Industrial Control Systems (ICS) by focusing on programmable logic controllers, critical for operations. Edgard Capdevielle, CEO at Nozomi Networks commented below.

Edgard Capdevielle, CEO at Nozomi Networks:

edgard-capdevielle“Historically, SCADA systems were safe behind the physical perimeter but increasingly they are being connected to the internet, to introduce functionality and allow remote access. This has opened these sheltered devices to the same risks the enterprise has been working to deflect, but without the security defences to do so. We need to rethink security so it’s designed in from the outset, so as new technology and working practices are implemented within the ICS and SCADA infrastructure it is secure to prevent threats – such as ransomware, causing widespread damage.

“Having operational visibility provides immediate insights for faster troubleshooting and remediation of cybersecurity and process issues. It also makes it easier for engineers and plant operators to identify affected devices and apply compensating controls before industrial process are impacted.”