Research Findings: 1 in 7 Ransomware Extortion Attacks Leak Critical OT Data
Title: Research Findings: 1 in 7 Ransomware Extortion Attacks Leak Critical OT Data
Presenters: Daniel Kapellman Zafra, Manager Mandiant Threat Intelligence
Date: March 17, 2022
The increase in ransomware and multifaceted extortion in 2021 resulted in a surprising risk to Operational Technology. A new study by Mandiant Threat Intelligence revealed that one out of every seven leaks from industrial organizations posted in ransomware extortion sites is likely to expose sensitive OT documentation. In the study, Mandiant observed stolen sensitive documentation that includes network and engineering diagrams, images of operator panels, information on third-party services, and more. With sensitive details on OT environments, attackers can more readily target these systems and networks in a repeat attack.
In this webinar, Daniel Kapellmann, Senior Manager of Analysis at Mandiant will share the research findings and discuss how OT security practitioners can defend against ransomware and multifaceted extortion to protect sensitive OT data.
The discussion will include:
- Understand the risks ransomware-related data leaks pose to OT
- See how leaks about employees, processes, projects, etc. can depict a very accurate picture of an organization’s culture, plans, and operations.
- Learn the tools threat actors use to identify paths of least resistance in IT and OT networks and engineer OT cyber attacks.
- Learn how to prevent and mitigate the risks presented by exposed OT data
Daniel Kapellman Zafra, Manager Mandiant Threat Intelligence
Daniel is a Technical Analysis Manager for our Cyber Physical Intelligence team at Mandiant. Daniel oversees the strategic coverage of cyber physical threat intelligence and coordinates the development of tools and solutions to collect and analyze data. He is a frequent speaker on industrial control systems (ICS) / operational technology (OT) topics at international conferences.