Distributed Cybercrime is a Growing Threat to Critical Infrastructure An innocuous looking email or website visited by a staff member can be all it takes to compromise a facility in seconds

By Ron Davidson

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Shutterstock

Ransomware is not new but has been a growing tool of choice of the cybercrime community in the last few years, capturing headlines for the widespread and brazen way they are able to be installed and holds the victim's data hostage. From WannaCry to NotPetya and BadRabbit, and recent attacks on US-based Boeing manufacturing plant and the City of Atlanta, ransomware is showing its full might.

But little is being said about the business model behind these types of attacks. Ransomware and its larger family of distributed cybercrime have evolved, giving cybercriminals a more organized, sophisticated way to wreak havoc and make money.This business model is a way in which cybercriminals attack many victims in the same campaign. It is proving to be a costly, and a lethal nuisance the right situation.

Why does Distributed Cybercrime Matter?

This commercialization of cybercrime is due to the lower barrier to entry, you don't need massive computational power for brute force attacks or deep knowledge of cybersecurity or cryptography to be effective. Sample exploit code and easy–to–use tools are readily available on the dark web and have the ability to generate a substantial revenue stream with little skill or effort. This has driven professional cybercriminals to develop malware that runs on professional platforms, uses pre-packaged distribution services and leverages knowledge of infection experts to attack the world. They don't know who their victims are — nor do they care. It's the perfect, automated, money-making machine for criminals, creating an ease of use and ROI that is too good to pass up.

  1. Attacks require less effort as they target "low-hanging fruit" (i.e., individuals or organizations with sub-par security)

  2. Attack skill level is low compared to techniques such as spear-phishing — regular ol' phishing is good enough for weak targets

  3. Highly coveted zero-day vulnerabilities are no longer required for profitable attacks — mainstream CVE vulnerabilities with known exploits and existing patches will do, as many victims don't patch regularly

  4. Any standard endpoint is a potential source of revenue, making a complicated lateral movement toward the crown jewels irrelevant

  5. When you attack the world, the sky is the limit — the revenue potentials are endless

How exactly would this type of cybercrime impact a manufacturing plant or other critical infrastructure? It doesn't take much to dupe an unsuspecting victim and install the malware. An innocuous looking email or website visited by a staff member can be all it takes to compromise a facility in seconds. From consumers to manufacturers and critical operations like hospitals, transportation and other civil services— nobody seems immune from the ransomware threat.

Protecting Against Distributed Cyberattacks

Networked systems are complex and attackers have all the time in the world to study and understand them. Plant management doesn't. Don't assume the state–of–the–art security system in place for IT networks has visibility into operational technology that nonetheless is connected to it.

To safeguard against distributed as well as targeted attack, you need to have visibility of your entire attack surface, including IT and operational technology(OT) networks and know that baseline security standards are met throughout your organization.From that fundamental visibility, you can start to see your network as an attacker would, finding paths of least resistance so you can harden your defences.

Organizations with OT networks also need to ensure they can detect vulnerabilities in these environments. Active scanning is prohibited in OT, so passive solutions are required. Vulnerability occurrence data should be analyzed in the complete context of the attack surface — the IT and OT network, security controls, potential business impacts and threat activity in the wild. Only in this context can you accurately prioritize vulnerabilities for remediation in OT networks where patching is carried out only when it's an absolute must. Understanding network and security control context also provide non-patching mitigation options to isolate vulnerable assets until a patch can be deployed.

Visibility and intelligence are key to protecting against a commercialized threat landscape and threat actors who are increasingly turning their attention to critical infrastructure. But by addressing the underlying vulnerabilities and cyber hygiene issues on which these tools and attackers rely, you'll have a strategic impact on your cyber attack readiness.



Ron Davidson

CTO and Vice President of R&D

As CTO and VP of R&D, Davidson is leading Skybox’s long–term technology vision and is responsible for advancing the company’s product innovation and intelligence group, the Skybox™ Research Lab.  Prior to joining Skybox, Davidson served as senior director of security research and analytics for the Cisco’s video security business, and he established and led Check Point's first threat intelligence program.  

Related Topics

Buy a Franchise

Learn the Secrets of Running 20+ Businesses as a Side Hustle — Finding and Nurturing Your 'STIC People'

Explore the critical importance of choosing the right franchise manager and the innovative 'STIC' approach.

Leadership

Great Leaders Must Be Great Coaches — Here's How to Become One

To be a successful leader, you must become an expert in how to help others grow and develop. Here's a research-driven approach for entrepreneurial leaders to coach and effectively develop their teams.

Leadership

How to Win Over the Room With Effective Persuasion Skills

The art of persuasion is not just about the notes, the data, and the pitch; it's about creating a connection that resonates with the audience. We explore how a blend of story, active listening, and genuine interaction can not only capture attention but also win hearts and minds, setting the stage for achieving success in any meeting.

Living

'I Haven't Ticked All the Boxes Yet.' Hilary Duff Reveals Her Next Venture After More Than 2 Decades in the Spotlight — and the Surprisingly Relatable Key to Her Enduring Success

The actor talks entrepreneurship, secrets to success and her latest role as chief brand director for Below 60°, a product line of air fragrances.

Business Process

Don't Fall For These Tricks: 5 Things You Shouldn't Do When Selling a Business

With careful planning and attention to detail, you can maximize the value of your business and ensure a smooth transition for all involved parties when you sell your company. Here's how.

Marketing

How Modern Technology is Rewriting the Rules of Marketing

Over the past decade, we've witnessed a whirlwind of transformative changes that have redefined the very essence of digital marketing.