Internet of Things August 2021 Viewpoints
Ransomware attacks have been a nuisance to organizations for years but are increasing in frequency and severity. Attackers are now going after critical infrastructure, which can negatively affect entire nations. A ransomware attack against Colonial Pipeline resulted in the six‑day closure of an oil pipeline that serves significant portions of the southeastern United States. An attack against JBS, a meat‑processing company that supplies approximately 20% of meat globally, resulted in the temporary disruption of a number of meat processing facilities in the United States, Canada, and Australia. In both cases, the companies paid the attackers millions of dollars of ransom for decryption keys.
The national impacts of these attacks have triggered an aggressive response from the United States government. The US Department of Justice (DOJ) will start treating some ransomware attacks as acts of terrorism and use investigatory tactics it typically reserves for domestic and foreign terrorists. Using a new ransomware task force that will coordinate all investigations, the DOJ plans to go after the entire criminal ecosystem that surrounds ransomware, such as hosting services, cryptocurrencies, and botnets. At the same time, a number of security experts are suggesting that governments begin to crack down on cryptocurrencies because they provide a mechanism for attackers to receive payments while remaining anonymous. If attackers had to use traditional transaction and banking infrastructure, international law enforcement could track payments and identify attackers much more easily.
Ransomware attacks are likely to increase in the near term. A 2021 report from the cybersecurity firm SonicWall notes a 62% increase in ransomware attacks worldwide from 2019 to 2020 and a 158% increase in ransomware attacks in North America over the same period. Two major attacks against large companies within the same month should put all corporate cybersecurity teams on notice. Interestingly, reports indicate that in both cases the companies under attack chose to halt operations even though the attackers did not compromise the IoT systems necessary for operating facilities and infrastructure. Instead, the companies halted operations while they evaluated the severity of attacks, which impacted other parts of their businesses. Future attacks might target connected systems explicitly to cause disruption and chaos in factories and with infrastructure until the victims agree to pay a ransom.
Although stakeholders typically think of ransomware as a problem to solve with better cybersecurity practices, actions by governments to go after payment networks could prove effective. Without a reliable way to receive payments anonymously, attackers would likely decrease the frequency of ransomware attacks, even absent dramatic improvements in cybersecurity practices. However, companies and governments still need to concern themselves with nation‑state attacks that could take critical national infrastructure offline.
Relevant Areas to Monitor
Cyberattacks are increasing in frequency and severity. Networked cyber-physical systems require extensive security measures, because attacks against such systems could cause significant damage. Hackers constantly find new vulnerabilities; therefore, organizations must continually monitor and improve their systems.
Industry 4.0 leverages machines, parts, and services that exchange data and self-configure to support dynamic, agile, and efficient manufacturing processes. Stakeholders expect Industry‑4.0 to revolutionize manufacturing and industrial practices to create self-sufficient systems, but challenges could limit progress.
Opportunities in the Following Industry Areas
- All industries