On the heels of the most recent worldwide ransomware attack, partners said it is more important than ever for companies with critical infrastructure and IoT devices to secure their environments.
Victims of this week's attacks include the government, banks, and state power utility in Ukraine, as well as the capital Kiev's airport and metro. It also reportedly hit hospitals in the U.S. and the nuclear radiation monitoring system at Chernobyl in Russia.
While the attacks did not appear to target critical infrastructure companies – also hitting companies in the pharmaceutical, shipping, and legal verticals – partners said the instances show that critical infrastructure and IoT security remains a weak point for many companies.
Alton Kizziah, vice president, global managed services at Kudelski Security, said this latest strain of ransomware appears to be more sophisticated than the similar WannaCry ransomware outbreak last month. While it doesn't appear to be targeting critical infrastructure companies in particular, Kizziah said he "absolutely" sees a growing concern around ransomware and critical infrastructure and IoT.
"We think it's just going to become more and more prevalent," Kizziah said, citing examples of ransomware in cars, movie theater kiosks, thermometers, and more. "You're starting to see a lot more of it."
Kizziah said ransomware could severely impact a company's ability to access those control systems. Victims of this week's ransomware attacks cited examples of that by returning to manual systems or even ceasing operations until IT systems could come back online. Systems monitoring the Chernobyl nuclear disaster site, for example, had to monitor radiation levels manually after being hit by the ransomware.
David Johnson, vice president of sales and marketing for The Fulcrum Group, a Keller, Texas-based solution provider, said that the channel plays a critical role in ensuring infrastructure security – especially as more IoT devices come online.
The Fulcrum Group, which works to secure networks for customers implementing connected devices like surveillance camera systems, makes sure that IoT devices get their own separate VLAN – so if IoT devices become compromised, they are on a separate network that doesn't impact the rest of the company's infrastructure.
"We recommend that IoT devices get their own separate logical network," he said. "If you look at some of the recent attacks – such as Target – Internet of Things devices like HVAC systems have been the jumping-off point for hackers. This wouldn't happen if they were on a separate network."