The industrial cybersecurity community, including WaterISAC, continues to emphasize the larger threat to ICS emanates from IT versus OT-centric cyber threats. To further address this issue, ICS cyber forensic firm Dragos posted Implications of IT Ransomware for ICS Environments. Dragos discusses the importance in identifying the propagation methods of IT-based malware, like WannaCry, NotPetya, and LockerGoga in order to more effectively prevent inadvertent impact to ICS operations. The post highlights how spreading mechanisms have weaponized normal business processes, such as SMB and Active Directory resulting in disruptive impact in environments that were otherwise reasonably isolated from enterprise IT. Furthermore, organizations need to identify the attack surface industrial operations exposed to infection through IT-enabled ICS environments. Regardless of the ransomware du jour, the specific threat remains IT-centric, and will likely remain that way for the foreseeable future. Read the post at Dragos
Thank you to everyone who helped make H2OSecCon Spring 2024 happen! As noted during the event, WaterISAC intends to conduct another H2OSecCon this year, so stay tuned for updates!