Industry information systems will need improved resiliency capabilities to withstand new cyber and ransomware attacks in 2018 centered around indirect supply chain threats, third-party software vulnerabilities and extortion attempts, according to a new report from Booz Allen Hamilton [BAH].
In their annual cyber threat analysis report, released Thursday, Booz’s Cyber4Sight division predicts hackers and nation-state actors will take advantage of advanced attack capabilities over the next year to deliver more sophisticated attacks to industry networks.
“With the major components present, the most likely scenario is that a threat actor, either nation-state or cybercriminal, will succeed in infecting a major government network with a previously unseen ransomware family or variant in a high-profile attack,” Booz’s Cyber4Sight wrote in its report.
Industry officials should pay specific attention to the cyber resiliency of supply chain systems, according to Cyber4Sight. Hackers will attempt to exploit vulnerabilities in major tech companies’ less-secure supply chain networks as a method for infiltrating their larger systems, according to the report.
Nation-state actors may also compromise supply chains to target critical industry entities by leveraging vulnerabilities in third-party software.
“Going forward, the most obvious fear is that a supply chain attack will successfully compromise an update or a download server for a truly popular piece of software,” Cyber4Sight wrote in its report.
Booz cyber officials predict repeated attempts at disrupting industry similar to the WannaCry and NotPetya global ransomware attacks from 2017.
“The potential threat that we see here stems from what we witnessed this past year with attacks like NotPetya and others that appear to be, as others have noted, nation-state activity. These attacks resulted in destructive and wide-ranging collateral damage. For example, there were production outages that resulted in real financial impact for companies like Honda and others,” Brian Vosburgh, chief strategist for Booz’s Cyber4sight, told Defense Daily.
Cyber officials are urged to update network security protocols to defend against extortion attacks aimed at industrial control systems (ICS).
The report points to a new trend of hackers taking over (ICS) networks and controls until companies are forced to pay the attackers off their systems.
This new ransomware may be installed on human machine interface systems or coded to directly infect ICS components, including industrial robots.
Industry officials may also be cautioned to move toward managed, closed-source platforms for their critical applications through 2018, rather than open third-party software libraries, to bolster their overall cyber security, according to the report.