ICS networks and IT networks are becoming increasingly entangled (or more politely, “converging”). Workstations and servers on the ICS networks using standard IT operating systems, such as Windows, is becoming more and more common. Unfortunately, and as many ICS operators are all too aware, these changes are making ICS networks more vulnerable than ever to hacking, especially malware and ransomware attacks.
The latest rash of NotPetya and WannaCry ransomware proved cyber attacks are certainly not slowing down, but simply patching systems and device applications can go a long way in preventing them. These two attacks relied on the EternalBlue NSA exploit1 – a security flaw within multiple versions of the Windows operating system – to infiltrate and lock down vital systems, charging a ransom to get them unlocked. However, the patch to prevent these attacks2was already available months before they took place. So why didn’t many major organizations patch their vulnerable systems?