Ransomware is a Critical Threat for Water Utilities – Today, water utilities need to protect themselves from ransomware like never before. Among all of the cyber security threats that water utilities must deal with, Ransomware is arguably the greatest. Many high-profile ransomware attacks on multi-national corporations have been reported in 2020 resulting in millions of dollars of ransom being paid. However, what is not often reported, is that public utilities and municipalities are at equal or even greater risk to suffer ransomware attacks given the systems and critical infrastructure that they operate. In such cases, losses can often be in the hundreds of thousands to millions of dollars. In fact, there were 22 attacks in Texas alone in August of 2019 against municipalities. The HydroPro Network Threat Detection (NTD) Solution protects water utilities against ransomware and other cyber threats.
Ransomware will completely encrypt a water utility’s file systems and data. Depending on the availability of backups, this data is then 100% unrecoverable. In many instances, the attackers will also encrypt all backup data as well. When the victim’s data is fully encrypted, the cyber attackers demand a ransom, typically in cyber currency to avoid all trace (98% of all ransoms are paid in Bitcoin), that must paid within a finite period of time after which the ransom goes up or the data is lost forever. The amount of ransom depends on the situation but is typically in the hundreds of thousands of dollars. Even if the ransom is not paid, it often costs as much, if not more, to recover all systems from the original attack.
The Water Utility Industry is Vulnerable – The water utility market remains one of the most vulnerable industries globally to cyber threats. The graph below illustrates the number of vulnerable products used in different industries (US ICS-CERT 2019), and shows that the Water and Wastewater Systems industry has the #3 exposure to cyber security vulnerabilities globally.
According to Kaspersky, a wave of ransomware attacks was observed across the globe throughout 2019. Attack victims included, among others, various critical infrastructure organizations and industrial companies. Furthermore, there has been a significant increase in the number of ransomware attacks on municipal services. Based on publicly available statistics and statements tracked by Kaspersky, at least 174 municipal organizations were targeted by ransomware in 2019. This is about 60% more than in the previous year.
Ransomware is Bad and Knows Your Vulnerabilities – One of the more well-known ransomware threats is WannaCry (see explanation on page 3). This Trojan threat has been around for over 3 years and is still going strong. Kaspersky has identified that among all industries who were attacked by ransomware Trojans in 2019, over 23% were attacked by the WannaCry malware. For industrial organizations like water utilities, the proportion of users attacked by WannaCry in 2019 to all users attacked by other ransomware is in excess of 35%. Both these figures mean that WannaCry continues to spread over the internet and still poses a significant threat, particularly to industries like water utilities. The diagram below illustrates the operating systems used on ICS computers attacked by WannaCry
It can be seen that the vast majority of systems run Windows 7 (79%) and Windows Server 2008 R2 (15%). The extended support of these legacy systems was discontinued in January 2020. This is of great concern from a security standpoint because updates for such systems are released only in exceptional cases, thus leaving them exceptionally vulnerable to attack.
All it Takes is One Click – It is very easy for a ransomware attack to be initiated. A common method for infection is via phishing emails that can simply be misinterpreted as genuine emails. A single click on this email can expose the entire network to attack unless appropriate cyber security protections are in place. The HydroPro NTD Solution provides a critical component of such protections. The diagram below shows the attack kill chain for a typical ransomware attack via a phishing email.
Given the world we live in, it is essential that public water utilities take immediate steps to make sure they are better protected against ransomware attacks.
Minimize Exposure to Ransomware with HydroPro – The HydroPro NTD Solution is specially optimized to protect against ransomware and other cyber-attacks. This solution passively monitors all network traffic within the water utility’s network 7/24 looking for ransomware attacks and other active cyber threats as they start to penetrate the network. When a cyber-attack is identified, the system immediately alerts the utility and provides clear, easy to understand steps on how to mitigate the threat. The solution is simple to install, requires no active maintenance and automatically updates itself with the latest threat intelligence. Combining on site network detection with cloud-based machine learning and artificial intelligence, the system significantly improves any existing cybersecurity posture by providing critical protection against ransomware and other cyberattacks in real time.
Extensive Ransomware Protection – The HydroPro NTD Solution protects against a multitude of different ransomware attacks including the following: