Professional Documents
Culture Documents
Intro To Ransomware and Industrial Control Systems (ICS)
Intro To Ransomware and Industrial Control Systems (ICS)
RANSOMWARE AND
ICS
ABOUT ME
DHS-ICS Certified
Extensive background in ICS -
Working in multiple industries
(oil & gas, energy,
manufacturing)
Former Naval Nuclear Engineer
Industrial A Brief Introduction
Control
Systems
OUR WORLD
The Operational
Technology(OT)/Industrial
Control Systems (ICS) world is
being exposed to more threats
than ever seen before. These
systems provide an attractive
target for malicious actors.
01
02 01 OT
Overarching term for
the use of hardware or
software to control
physical processes
02 IT
Applying appropriate
mitigation techniques
to the environment
ICS Security
Architecture
RANSOMWARE AND HOW RANSOMWARE AFFECTS
ICS
ICS
Ransomware Threats Today
The most well-known recent ICS attack occurred
on May 6th of this year and affected Colonial
Pipeline. The attack was considered the most
disruptive attack in history.
1,112 1,097
H1 2021 RANSOMWARE
2020 RANSOMWARE VICTIMS
ATTACKS
RANSOMWARE
25 GROUPS
TRACKED IN
2020
300
200
GROUPS RESPONSIBLE
EXTERNAL
PHISHING WATERING HOLE
INFRASTRUCTURE
How Does Ransomware
Affect ICS?
OPERATING INFORMATION
SYSTEM REPORTING
CHANGES CONTROLLER SAFETY
Malicious actors
CHANGES could report bad
CONTROLS
Changes to an
operating misinformation
Changes to Tampering with
system may resulting in
Programmable safety
present unwanted or
Logic controls could
unwanted unnecessary
Controllers, result in
results. action.
Remote prevention of
Terminal Units fail-safes,
or other putting lives
controllers at risk.
could damage
equipment.
PROTECTING
AGAINST
RANSOMWARE
STAGES OF AN
ICS ATTACK
CYBER KILL
CHAIN
02 MITIGATE
Applying appropriate
mitigation techniques
to the environment
DETERMINE CRITICAL PROCESS RELIANCE
ON IT INFRASTRUCTURE
NETWORK SEGMENTATION
MITIGATE
CONTINUOUS MONITORING
LENGTH OF DATA
A minimum of 12 hours of
data
Thank you