Ransomware attacks are now not restricted to attack personal computers only but many of the ransomware has already proved that they can infect the entire network, business enterprises, organizations and governmental facilities. The cyber-security experts at Georgia Institute of Technology have predicted something really dangerous. According to researchers, David Formby and Raheem Beyah, the industrial infrastructure is going to face a severe ranosmware attack soon. In order to check the vulnerabilities of the Control System and detect the possible threats, these researchers did an experiment. The developed a LogicLocker ransomare and attacked it on a water treatment plant. Surprisingly, the ransomare was able to attack the programmable logic controllers (PLCs) and altered its readings, increased the chlorine amount, and was able to take control over the building management systems such as escalators, elevators and so on. This was just an experiment but it can turn out in reality as well. It can really mess up everything in real life scenario. It will be major threat for Industrial System and also for the society.
These researchers scrutinize the security of few Industrial facilities such as their security set-ups, password protection etc. and concluded that there are so many vulnerabilities. The security settings were not up to the mark and the authorization system for PLCs is totally messed up. The attackers can easily take advantage of the poor security policy and password and could take over the industrial control system. Though most of the Control System are not directly connected with Internet but there is high possibility that operators doesn’t know about all the possible connections and Control System often gets connected somehow by one way of the other.
The motive of Cyber-security expert is to bring attention that Industrial System security protocol is not intact. It security vulnerabilities could be easily exposed to cyber-criminal and they can easily hijack the entire network of Organization and Industrial System. It is important to strengthen the monitoring systems so that operator could get real-time information about the attack and modification in the PLCs. The industrial organization must strengthen their security settings and uproot the loopholes. They must educate their employees about the possible ransomware attacks that could occur on the Industrial Systems.