Research Findings: 1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Data

Title: Research Findings: 1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Data

Presenters: Daniel Kapellman Zafra, Manager Mandiant Threat Intelligence

Time: On-Demand

Abstract:

The increase in ransomware and multifaceted extortion in 2021 resulted in a surprising risk to Operational Technology. A new study by Mandiant Threat Intelligence revealed that one out of every seven leaks from industrial organizations posted in ransomware extortion sites is likely to expose sensitive OT documentation. In the study, Mandiant observed stolen sensitive documentation that includes network and engineering diagrams, images of operator panels, information on third-party services, and more. With sensitive details on OT environments, attackers can more readily target these systems and networks in a repeat attack.

In this webinar, Daniel Kapellmann, Senior Manager of Analysis at Mandiant will share the research findings and discuss how OT security practitioners can defend against ransomware and multifaceted extortion to protect sensitive OT data.

The discussion will include:

• Understand the risks ransomware-related data leaks pose to OT
• See how leaks about employees, processes, projects, etc. can depict a very accurate picture of an organization’s culture, plans, and operations.
• Learn the tools threat actors use to identify paths of least resistance in IT and OT networks and engineer OT cyber attacks.
• Learn how to prevent and mitigate the risks presented by exposed OT data