Blog / 4 min read
The unprecedented events of 2020 had a profound impact on industrial enterprises worldwide, forcing companies to rapidly pivot to a distributed workforce model. This sudden shift significantly increased reliance on remote-access connections, while accelerating digital transformation and making strong, purpose-built industrial cybersecurity increasingly essential.
As we turn the page and move forward into a new year, members of Claroty's executive leadership team have shared the following predictions for 2021:
In 2021, we will see more cyber attacks in the industrial space, especially in sectors such as life sciences and pharmaceuticals, food and beverage, and critical infrastructure. Driven by the need to increase productivity and top line revenues in order to stay competitive, companies in these sectors will digitize their operational technology (OT) networks by connecting them to IT, thereby exposing them to new kinds of cyber threats. At the same time, business leaders in these sectors will become more educated on the prevalence and severity of these threats, and they will be forced to explore new ways of mitigating risk. The connection between improving competitiveness and improving security will become more solidified at the board level.
As we start to see the light at the end of the tunnel with the pandemic, the businesses that will come out on top are the ones that can adapt to change as quickly as possible. In the industrial space, organizations who had established secure connections from OT to IT, thereby enabling remote access to OT, experienced the smoothest transition. COVID-19 has created a huge market for secure remote access to onsite systems and it will only continue to grow in 2021. Even when the vaccine becomes widely available, companies will not fully go back to the way things were. More employees will continue to work remotely in some capacity than before. The way we manage our businesses will change permanently, and therefore the technology we use to do so will change permanently as well.
The move to the cloud for OT applications is already underway and 2021 will see an acceleration. The COVID crisis significantly accelerated digital transformation projects which in turn accelerated plans for consistency across the infrastructure and thus further closed the gap between acceptable deployment patterns for IT and OT.
Ransomware in healthcare will increase significantly. This is driven by a combination of high-profile press on ransomware attacks, which further motivates threat actors, and a very diverse IoT infrastructure, which is fully interconnected to IT and often missing the basic security controls required to withstand a ransomware attack.
Boards of directors, especially of more traditional infrastructure businesses, will diversify by getting new board members who are technology executives and understand how to effectively supervise and drive digital transformations, as every company is becoming a technology company.
As more organizations converge IT and operational technology (OT) systems, these conditions are also going to expand the attack surface available to threat actors. When you look at this dynamic through a ransomware and extortion lens, the view is worrisome.
Attackers are intent on not only gaining a foothold inside corporate networks, and moving laterally until they control critical systems and have access to sensitive information. In the not-too-distant past, the likely next move was dropping ransomware, encrypting key systems, and waiting for frazzled victims to pay. As more and more organizations become hardened to ransomware, practice better security hygiene and have reliable, available backups, recovery is possible without paying ransoms.
Attackers adapted with a new business model whereby they are more likely to extract information and extort victims for cash with threats of selling the data on the underground, or leaking it publicly, putting the victim at a competitive disadvantage should their intellectual property, corporate secrets, or customer data become public.
With OT systems less hardened and much more challenging to update and patch, converged IT/OT networks are likely to be the next fertile hunting ground for attackers fueled by extortion. Often, industrial control systems and OT devices oversee critical processes, and cannot be replaced or powered down for updates without severe interruption of services. OT networks that suffer ransomware or extortion-related attacks won't be able to recover as quickly as traditional IT systems might.
Once the pandemic is over, the majority of the world will have grown very accustomed to working from home so organisations are going to be acquiring smaller office spaces and the workforce will adopt a hybrid approach to working, spending some days in the office and others at home. This means that in terms of cyber security, we'll continue seeing a need for secure remote access, especially for organisations in the industrial sector.
Due to the need for mass-manufacturing of a vaccine, as well as the desire to protect against any future virus outbreaks, we'll also see more and more pharmaceutical and biotech companies investing in cyber security, to protect their vaccine research and development. Likewise, larger companies in the main markets will invest in those types of companies to support them in the fight against the COVID-19 pandemic.