ICS/SCADA, Threat Management

Cyber physical attacks may emerge from OT data exposure

Threat actors could leverage operational technology data leaked from ransomware attacks against industrial and critical infrastructure organizations to perform cyber physical attacks that could result in property damage and even endanger lives, according to SecurityWeek. Mandiant researchers found that nearly 50% of ransomware-related data leaks in 2021 affected critical infrastructure and industrial firms and further review showed the exposure of sensitive OT data from 10 of 70 analyzed leaks. "Access to this type of data can enable threat actors to learn about an industrial environment, identify paths of least resistance, and engineer cyber physical attacks. On top of this, other data also included in the leaks about employees, processes, projects, etc. can provide an actor with a very accurate picture of the target’s culture, plans, and operations," said researchers. Mandiant added that even old OT data could be used by threat actors in decades-long reconnaissance efforts as cyber physical systems tend to have long lifespans.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.