Efficient Plant Nov./Dec 2019 - 16

feature | cybersecurity

Countless
victims have
been caught
up in recent
attacks
despite no
supposed
intention on
the hacker's
part to
target them.

16

and expend their limited resources-time and money-elsewhere.
This thinking, however, ignores two key considerations. First, what you, as an end user, might think is
interesting and what an attacker thinks is interesting
are, more than likely, two very different things. Second, most of the havoc wreaked by hackers over the
past several years falls into the category of collateral
damage. Countless victims have been caught up in
recent attacks despite no supposed intention on the
hacker's part to target them.
Case in point is NotPetya, the global ransomware
campaign from 2017. Researchers and governments
have attributed the attack to Russian government
actors. However, we know that many infections were
reported in Russia. In other words, while the people
who developed NotPetya and exercised the will to
launch it were not targeting organizations in their
own country, the malware nonetheless made its way
into Russian networks.
The lesson of NotPetya is about more than just the
malware's boomerang effects. It is a story of malware
that spread like an uncontrollable and fast-moving
wildfire around the globe. The entire campaign registered damages of more than $10 billion, with multinational giants such as Merck, Maersk, Mondelez, and
FedEx among the victims. Aside from each suffering
tens and hundreds of millions of dollars in downtime
and recovery costs-not to mention reputational
harm-they share one thing in common: They all represent NotPetya's powerful "spillover" effect, i.e., none
were the (intended) targets of the attack.
By all accounts, NotPetya was developed and executed to produce disruptive effects in Ukraine, Russia's neighbor and geopolitical rival. The attackers targeted a popular Ukrainian tax-preparation software
company, M.E.Doc, which propagated the malware
through a software update. The malware was so scalable that it quickly found its way outside of Ukraine
through all of M.E.Doc's customers and its customers'
third parties. Before long, it was everywhere.
Buried in this narrative is the fact that M.E.Doc
hadn't patched its servers since 2013, making life that
much easier for the Russian attackers. Perhaps they
subscribed to the belief that nobody would ever target
them. It's worth noting here that organizations often

| EFFICIENTPLANTMAG.COM

underestimate their value to an attacker. Remember,
from the hacker's perspective, the cost of conducting
a cyberattack is minimal. Not only are most organizations susceptible to relatively basic and cheap tactics
such as spearphishing, but the likelihood of a hacker
being held accountable for their actions is extremely
low. In fact, the lower the profile of the target, the
lower the risk to the hacker. In the case of M.E.Doc,
it was too late by the time investigators arrived on the
scene.
Of course, M.E.Doc wasn't the only violator of good
cyber hygiene. The NotPetya malware used an exploit
known as EternalBlue that was allegedly leaked from
the U. S. National Security Agency and repurposed
for criminal use. It exploited a known vulnerability in
the Windows server message block (SMB) protocol.
Microsoft released an emergency patch in March 2017
in the wake of WannaCry, another global ransomware
attack. However, by June, many organizations had not
yet patched the vulnerability, including those victimized by NotPetya. Not surprisingly, the consequences
were dire.
The moral of NotPetya is simple: Organizations
shouldn't be asking themselves if they will be attacked.
They should be considering how to prepare themselves for when they are attacked. When you're in the
midst of an incident response, it doesn't matter who
attacked or how you were attacked. All that matters is
mitigating the damages and recovering as quickly as
possible.

KEEPING UP
Much of the focus on cybersecurity these days is on
the threat. Indeed, threat is a fundamental component
of cyber risk and organizations must remain vigilant
of the different actors and their tactics, techniques,
and procedures (TTP) to maintain a solid defensive
posture. But much of the cyber risk these days, particularly as it relates to industrial networks, is inextricably linked to the evolution of the technological ecosystem and rapidly changing business requirements.
First and foremost, information technology (IT)
and operational technology (OT) networks are converging at a rapid pace, and often in an ungoverned
manner. Long gone are the days of the "air gap," when
plant operators had the luxury of relying on isola-

NOV/DEC 2019


http://www.EFFICIENTPLANTMAG.COM

Efficient Plant Nov./Dec 2019

Table of Contents for the Digital Edition of Efficient Plant Nov./Dec 2019

Efficient Plant Nov./Dec 2019 - 1
Efficient Plant Nov./Dec 2019 - Cover1
Efficient Plant Nov./Dec 2019 - Cover2
Efficient Plant Nov./Dec 2019 - 1
Efficient Plant Nov./Dec 2019 - 2
Efficient Plant Nov./Dec 2019 - 3
Efficient Plant Nov./Dec 2019 - 4
Efficient Plant Nov./Dec 2019 - 5
Efficient Plant Nov./Dec 2019 - 6
Efficient Plant Nov./Dec 2019 - 7
Efficient Plant Nov./Dec 2019 - 8
Efficient Plant Nov./Dec 2019 - 9
Efficient Plant Nov./Dec 2019 - 10
Efficient Plant Nov./Dec 2019 - 11
Efficient Plant Nov./Dec 2019 - 12
Efficient Plant Nov./Dec 2019 - 13
Efficient Plant Nov./Dec 2019 - 14
Efficient Plant Nov./Dec 2019 - 15
Efficient Plant Nov./Dec 2019 - 16
Efficient Plant Nov./Dec 2019 - 17
Efficient Plant Nov./Dec 2019 - 18
Efficient Plant Nov./Dec 2019 - 19
Efficient Plant Nov./Dec 2019 - 20
Efficient Plant Nov./Dec 2019 - 21
Efficient Plant Nov./Dec 2019 - 22
Efficient Plant Nov./Dec 2019 - 23
Efficient Plant Nov./Dec 2019 - 24
Efficient Plant Nov./Dec 2019 - 25
Efficient Plant Nov./Dec 2019 - 26
Efficient Plant Nov./Dec 2019 - 27
Efficient Plant Nov./Dec 2019 - 28
Efficient Plant Nov./Dec 2019 - 29
Efficient Plant Nov./Dec 2019 - 30
Efficient Plant Nov./Dec 2019 - 31
Efficient Plant Nov./Dec 2019 - 32
Efficient Plant Nov./Dec 2019 - 33
Efficient Plant Nov./Dec 2019 - 34
Efficient Plant Nov./Dec 2019 - 35
Efficient Plant Nov./Dec 2019 - 36
Efficient Plant Nov./Dec 2019 - 37
Efficient Plant Nov./Dec 2019 - 38
Efficient Plant Nov./Dec 2019 - 39
Efficient Plant Nov./Dec 2019 - 40
Efficient Plant Nov./Dec 2019 - Cover3
Efficient Plant Nov./Dec 2019 - Cover4
https://www.nxtbook.com/atp/MaintenanceTechnology/efficient-plant-june-2021
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2021
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2021
https://www.nxtbook.com/atp/MaintenanceTechnology/epjanfeb2021
https://www.nxtbook.com/atp/MaintenanceTechnology/epjulyaug2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epjune2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epmay2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epfeb2020
https://www.nxtbook.com/atp/MaintenanceTechnology/epjan2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epnovdec2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epseptoct2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epmay2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epfebruary2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epjanuary2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epdecember2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epnovember2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epoctober2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epseptember2019
https://www.nxtbook.com/atp/MaintenanceTechnology/epaugust2018
https://www.nxtbook.com/atp/MaintenanceTechnology/0818schneider
https://www.nxtbook.com/atp/MaintenanceTechnology/epjuly2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epjune2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epmay2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epapril2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epmarch2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epfebruary2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epjanuary2018
https://www.nxtbook.com/atp/MaintenanceTechnology/epdecember2017
https://www.nxtbook.com/atp/MaintenanceTechnology/epnovember2017
https://www.nxtbook.com/atp/MaintenanceTechnology/epoctober2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtsept2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtaugust2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjuly2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjune2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmay2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtapril2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmarch2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtfebruary2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjanuary2017
https://www.nxtbook.com/atp/MaintenanceTechnology/mtdecember2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtnovember2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtoctober2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtseptember2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtaugust2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjuly2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjune2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmay2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtapril2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtmarch2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtfebruary2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtjanuary2016
https://www.nxtbook.com/atp/MaintenanceTechnology/mtdecember2015
https://www.nxtbook.com/atp/MaintenanceTechnology/mtnovember2015
https://www.nxtbook.com/atp/MaintenanceTechnology/mtoctober2015
https://www.nxtbook.com/atp/MaintenanceTechnology/mtseptember2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTAugust2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJuly2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJune2015
https://www.nxtbook.com/atp/MaintenanceTechnology/M
https://www.nxtbook.com/atp/MaintenanceTechnology/0415endress
https://www.nxtbook.com/atp/MaintenanceTechnology/MTApril2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTMarch2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTFebruary2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJanuary2015
https://www.nxtbook.com/atp/MaintenanceTechnology/MTDecember2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTNovember2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTOctober2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTSeptember2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTAugust2014
https://www.nxtbook.com/atp/MaintenanceTechnology/MTJuly2014
https://www.nxtbookmedia.com