Ransomware is becoming more sophisticated and attacks more targeted. Recently, we’ve seen more attacks on the IT systems of manufacturers, logistics companies and healthcare organisations that ultimately target the operational part of the business. Unlike a bank or retailer where the target is customer information, these attacks disrupt the logistics or manufacturing process – they can have immediate real-world impacts.
Once an attacker gains access to an organisation, they will quickly try to infect as many machines as possible using open and unprotected ports and protocols. After the attacker has achieved this reach, the ransomware will detonate and can cause havoc. Unfortunately, detecting an attack at this point is too late, which is why it’s helpful to put in protection proactively before an attack. Restricting the movement of ransomware by closing down unused and high-risk ports isolates ransomware and drastically limits the impact of an attack.
By taking a Zero Trust approach and only allowing known and verified communication between environments, security teams will stop an attack on the IT systems affecting the management or logistics processes. With the move to industry 4.0 and the adoption of cloud connected Industrial IoT, the potential impact of a ransomware attack will only continue to grow. That’s why it is important to act now and put security measures in place that will make our infrastructure resilient to attacks – even once they’ve breached our perimeter.