The latest ransomware attack on yet another utility company echos the warnings from last year’s report on utilities’ readiness for a cyberattack.
Just two weeks ago, Massachusetts utility company, Reading Municipal Light Dept (RMLD), announced on their website that they had become the victim of a ransomware attack. Calling it a “targeted” attack, RMLD becomes just one of many utility companies to be the focus of cyberattacks by eleven different cybercriminal organizations.
Utility companies are known to be plenty aware of the threats, and are thinking about attacks in terms of both Information Technology and Operational Technology. But, according to Siemens, only 42 percent of utility companies rated their cyber-readiness as “high”, casting doubt on whether they are truly ready. This gives cybercriminals the upper hand, as they are ready and willing to go on the attack.
In the case of RMLD, no operational systems were impacted, and the attack was isolated. But attacks like these can go completely wrong, taking entire operations down. With Operational technology being rated as 10-20 years old, the possibility of vulnerable endpoints, applications, and browsers is high.
Utility organizations need to both work quickly to update any and all network endpoints, even if managing operational technology. For example, hosting an older OS as a VM rather than as a physical endpoint could be one way to remediate the risk older environments pose.
In addition, educating users through Security Awareness Training keeps them from engaging with suspicious and potentially malicious emails and web content – a leading attack vector for ransomware today.
It appears that RMLD got off lightly, the next utility may not be so lucky.