Home / / Industrial plants are prime targets for ransomware threats; report

Industrial plants are prime targets for ransomware threats; report

SANS Institute survey reveals unprotected devices and ransomware are top threats to Industrial Control Systems

Industrial plants are prime targets for ransomware threats; report
The survey also found that basic security practices are not being implemented and identifying such attacks remains a challenge.

SANS Institute had found that ransomware is a top threat that organisations face in securing critical infrastructure.

In its annual survey of Industrial Control Systems (ICS) it revealed that 69% of respondents stated that the level of threats to control systems is high or severely critical. The survey also found that basic security practices are not being implemented and identifying such attacks remains a challenge, as 40% of ICS security practitioners lack visibility.

Additionally, SANS discovered 46% of respondents regularly apply vendor-validated patches and 12% neither patch nor layer controls around critical control system assets.

Ned Baltagi, managing director, Middle East & Africa at SANS, said: "Traditionally, these systems have been less frequently updated and the teams operating them lack dedicated cyber security professionals. This places some of the most critical systems we have in the Middle East at risk of cyber-attack."

"The importance of patching systems and keeping them up to date cannot be emphasised enough," explained Baltagi. "Consider WannaCry which as a ransomware attack was no doubt a top concern for ISC security practitioners. It spread by exploiting a known Microsoft vulnerability which is why unpatched systems played a key role in the spread of the malicious code. Once again, the lack of skilled cyber security professionals or appropriately trained IT staff in the field is impacting the ability of ICS organisations to adequately patch their systems, exacerbating this issue."

Now in its fourth consecutive year, the survey noted some improvements in protecting critical assets and infrastructure, and respondents acknowledged that their ICS security budgets have increased over the fiscal year 2016.

"With higher budgets becoming available to ISC professionals, it is imperative that they are aware of the key issues that the industry faces so they can allocate time and resources to the most pressing issues," concluded Baltagi.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

CHANNEL AWARD 2018