The Current OT/ICS Threat Landscape - Dragos' Annual ReportFindings Show Threat Groups, Vulnerabilities and Ransomware All on the Rise
The 2021 Dragos ICS/OT Cybersecurity Year in Review report says the number of industrial organizations with external connections to their industrial control systems has doubled, yet 86% of organizations report limited to no visibility of ICS environments. Tom Winston outlines the top challenges industrial organizations need to address.
Findings from the report show that ransomware has become the number one attack vector in the industrial sector. Ransomware groups - Conti and LockBit 2.0 - caused 51% of total industrial ransomware attacks, and 70% of their activity targeted manufacturing.
Winston recommends adopting a "holistic" approach to ransomware defense, "not just looking at your specific individual environments out of context but contextualizing how these environments are connected with each other," he says.
He also says that risk assessments are "critical" for preventing ransomware attacks. "The risk assessment needs to be a conversation between operational technology engineers and the enterprise IT portions of the organization."
In a video interview with Information Security Media Group, Winston discusses:
- The current OT/ICS threat landscape;
- Activity groups targeting operational technologies;
- Recommendations for improvement.
Winston is a cybersecurity subject matter expert focused on threats to critical infrastructure - ICS/SCADA - systems, as well as foreign cyber intelligence and threat analysis. He has over 25 years of professional experience in cybersecurity, ICS/SCADA systems, critical infrastructure protection, academics, and systems and network engineering. Winston joined Dragos after serving for several years as a professor of cybersecurity engineering at George Mason University.