Cybercrime has been one of the most threatening challenges for security agencies over the last decade or so. Thousands of criminals have been nabbed for their alleged involvement in a number of cybercrimes. With a number of cybercrimes being reported every day, cyber-attacks have never been more active.
Cybersecurity researchers at Dragos have reported that four new hacking groups have emerged and have been targeting industrial systems. These hacking groups have been named Stibnite, Talonite, Kamacite, and Vanadinite. They join a list that already consisted of 11 hacking groups identified as targeting industrial systems.
These groups have been specifically targeting industries like wind turbines and electricity distributors. They attempt to gain access to industry systems using ransomware and try to encrypt and steal the data. The identification of these hacking groups has its pros and cons.
On the one hand, the fact that the groups have been discovered means it has become easier to discover emerging hacking groups. On the other hand, it also means that a huge number of hacking groups are on the rise and will hit the industry hard.
Sergio Caltagirone, the Vice President of threat intelligence at Dragos, has stated that researchers are beginning to understand the threat landscape better than ever.
According to a research paper published by Dragos, 90% of organizations do not even understand their own OT network, which helps cybercriminals stay under the radar.
These cyberattacks can also have physical impacts, as the hacking groups have been able to gain access to electrical power grid systems to the extent that they had the power to shut down everything.
Measures that organisations need to undertake:
1. Organisations should identify which assets have control over the major operations, and then prepare a security plan accordingly.
2. There should be network segmentation where IT and OT are separated from each other. This will help keep one safe when the other is compromised.
3. Multi-factor authentication should be in place to properly secure login pages and credentials.