Ransomware known as Bad Rabbit has been circulating in multiple countries on a global basis.
A suspected variant of Petya, Bad Rabbit is ransomware, malicious software that infects a computer and restricts user access to the infected machine until a ransom is paid to unlock it, according to a report released from US-CERT.
As always security experts suggest individuals and organizations not pay the ransom, as this does not guarantee access will end up restored. Using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware.
Ransomware has been a more recent type of attack against industrial control systems.
Email was the entry point for ransomware to get into a North Carolina transmission plant’s computer network a year ago.
Once it was in, it quickly spread and threatened to lock up production until the company paid a ransom. Luckily, the Durham, NC-based company was able to catch and block the malicious code as it was about to head back to its command and control center.
From a financial perspective, Durham, NC-based AW North Carolina stood to lose $270,000 in revenue on top of wages for idled employees for every hour the factory wasn’t shipping its auto parts to nine Toyota car and truck plants across North America, said John Peterson, the plant’s information technology manager.
AW North Carolina is just one of a growing number of firms facing ransomware, which gives the bad guys a quick financial boost and costs manufacturers lost time and money if they don’t pay up.
With the WannaCry attack that hit multiple industries in May and the follow up Petya attack in June, ransomware is becoming a big threat for manufacturers today, and with increased connectivity becoming more of the norm, it has the potential to be a bigger issue in the years to come.
Production lines that integrate automation into production for products — whether it is transmissions, gasoline, chemicals, pharmaceuticals or paper clips — face a greater potential for attack. That is also why increased visibility on to a network is becoming one of the fastest growing trends manufacturers are starting to pick up on.
The Petya ransomware demanded a $300 bitcoin payment to retrieve encrypted files and hard drives. Back in June, the account had received only $10,000. German email company Posteo blocked the email address the Petya hackers were using to confirm ransom payments.
Qute a few companies suffered from the attack like shipping company A.P. Moller-Maersk reported a computer systems outage.
Russia’s top oil producer Rosneft said its servers had been hit in a large-scale cyber attack, but its oil production was unaffected.
Renault and Honda also felt the effects of the attack.