In “The Rise of Disruptionware: A Cyber-Physical Threat to Operational Technology Environments,” ICIT experts explore an alarming trend which sees adversaries disrupting business continuity and introducing severe risk into OT environments through the use of malware that can degrade or halt manufacturing processes, damage reputations, extort money from victims, or accomplish other targeted outcomes.
Disruptionware is an emerging category of malware designed to suspend operations within a victim organization. With recent ransomware incidents (currently the world’s most common disruptionware component) highlighting the harm disruptionware attacks can cause to unprepared organizations, it is critical that business and technology leaders immediately understand this threat and develop risk mitigation plans to protect themselves.
“For those of us in critical manufacturing environments, we shudder to think about the cascading effect that Disruptionware can have within any sector of our Value Chain eco-system” says ICIT Fellow and V.P., Global Chief Security Officer at Lam Research, Jerry Davis. “In those segments where OT is a key and pervasive manufacturing service, Disruptionware poses an existential threat to any business that does not have proper cyber controls in place to reduce the disruption, degradation or total destruction of its business operations. This paper is timely and topical!”
Topics discussed in the publication include:
A definition of disruptionware
Factors contributing to the risk disruptionware poses to manufacturing and other OT environments
High-level case studies of recent incidents such as the LockerGoga ransomware attack
Steps organizations can take to minimize the risk disruptionware poses to their systems
Publicly available resources
This paper was authored by:
Ryan Brichant, ICIT Fellow & Global CTO, Critical Infrastructure Cybersecurity, Forescout
Parham Eftekhari, Executive Director, ICIT
The authors would like to thank the following experts for contributing to this paper:
Elisa Costante, Sr. Director, Industrial and OT Technology Innovation, Forescout
Jerry Davis, ICIT Fellow & V.P. and Global Chief Security Officer, Lam Research
Alex Eisen, Security Researcher, Forescout
Drew Spaniel, Lead Researcher, ICIT
Download this report and the executive summary by clicking the icons to the right.
ICIT would like to thank Forescout, an ICIT Fellow Program Member with deep expertise in OT security for sponsoring this research study.
Read More