Cyber Threat Intelligence Report Volume 1
July 15, 2021
In an era of unprecedented uncertainty, with so many devices scattered throughout enterprise networks, it’s challenging for OT and Industrial Control Systems (ICS) security professionals to keep pace with security demands.
Recent incidents and the large-scale disruptions and cost of ransomware operations illustrate the growing impact of cyber threat activity on enterprise risk across all industry segments. This risk is increasingly difficult to control and mitigate across both IT and OT environments.
While running industrial systems is eased by virtualization in the cloud and the advance of internet-connected devices, these technologies are also introducing new vulnerabilities and risks. In particular, edge devices, such as Internet of Things (IoT) objects, switches and routers, control data flowing in and out of the organization. Because they border both IT and OT environments, they are critical to OT security, and breaches can provide direct access into OT environments, completely bypassing IT networks.
Security leaders must demonstrate to the C-suite and the board that they understand the importance of both the continuity of operations and working in partnership with the whole business to effectively manage risk.
Our cyber threat intelligence and incident response analysts have gained first-hand visibility into the tactics, techniques and procedures (TTPs) employed by some of the most sophisticated cyber adversaries. This report reflects our analysis during the first half of calendar year 2021.
Accenture analysis in the first half of 2021 identified four trends affecting the IT and OT landscape:
Organizations should focus on preparation, prevention and pre-encryption defenses.
Organizations need to adopt new defensive tools that can counter this growing threat to penetration testing in critical production environments.
Organizations need to consider prevention, rather than response, as the most effective defense against commodity malware threats.
Organizations need to share information among defenders to understand, prevent, identify and respond to threat activity.
About the Authors