Cyberattacks have been on the rise as bad actors continue to reap the benefits of their nefarious acts, many shifting their gaze to key industries as a means of gaining leverage. South Dakota is home to various industries—many of which are viable targets for cybercriminals and ransomware. Let’s identify three such industries that need to increase their vigilance.
Cybercriminals understand that if they are able to disrupt the services of an essential business, such as schools, hospitals, or government agencies, they will be able to put pressure on the business to pay the ransom, who are struggling to provide services to their customers. However, while schools, hospitals, and the like have traditionally taken all the attention of the news cycle as far as cyberattacks go, they are far from the only targets that cybercriminals will go after.
Cybercriminals have changed their M.O. in response to the pandemic and the increased reliance businesses have placed on their technology. This shift in motivation signaled the change from stealing and selling credit card information on the Dark Web for pennies on the dollar to looking for bigger scores. While previous scores focused on large retailers or enterprise-level companies, any business is fair game today. Even the fear of government agencies has faded away, as local agencies find themselves targeted by cybercriminals.
Today’s cybercriminals have found they are able to command an average ransom fee of around $200,000 (according to the National Security Institute), which is a far cry from the days of stealing Disney+ credentials. This bloated fee is thanks to the potential ramifications that these attacks now have on the world. It’s one thing to threaten to sell a few dozen sets of Amazon credentials, it’s quite another to shut down most of the East Coast or potentially poison an entire town’s water supply.
Now, statistically speaking, South Dakota isn’t the most impactful state in terms of gross domestic product, but we do play an important role in a few industries that modern society very much relies upon.
While many may still think of agriculture as the quaint mom-and-pop farms of yesteryear, today’s agriculture is big business. In fact, as stated by the United States Department of Agriculture (USDA), agriculture was the number one industry in South Dakota in 2019 and has remained so to this day.
Relying just as much on technology as most Fortune 500 companies, the agricultural industry has similarly found itself a common target for cybercriminals. In order to produce the massive amount of food and other plant-based materials needed to support our society, modern farms heavily rely on technology. Moreover, their importance in the country’s ability to function has made them targets for cybercriminals.
The automated farming equipment used to assist in the successful production of corn, wheat, rye, alfalfa, soybeans, and flaxseed are vulnerable to being compromised and as such bring the risk of cyberattack. Today’s agricultural industry often operates within tight profit margins and any disruption of their timetable can have catastrophic repercussions on their harvests, and bottom-line... not to mention the effect a disruption can have on the nation at large. It is this pressure that cybercriminals rely on and hope would be enough to convince an organization to pay the ransom.
Unfortunately, we often neglect to consider that the agricultural industry relies heavily on the manufacturing process, which increases its attractiveness as a target. Most manufacturing relies heavily on automation, usually in the form of IIoT (the industrial internet of things). The IIoT is critical to manufacturing as the industry has become dependent on devices communicating with other devices in order to perform tasks and to increase efficiency.
Whether it’s scheduling when to water or fertilize crops or (in the case of industrial manufacturing) monitoring a wide range of functions, the IIoT is essential to the smooth operation organizations depend upon. As the age of the smart factory continues to take root, the reliance manufacturers have on IIoT devices is the catalyst that prompts cybercriminals to target the industry. As such, manufacturers are facing increased ransomware attacks.
Additionally, the risk to a manufacturer goes beyond the compromise of their physical infrastructure. There is also the risk of losing their intellectual property in addition to their data. An organization’s intellectual property may be its biggest asset, and losing control of it could be enough to close its business, and is the incentive a bad actor relies on when making ransomware demands.
South Dakota is one of the most visited states in the Union, and our scenery is second to none. Unfortunately, our hospitality industry was struck hard due to the pandemic. In response to the country opening up, and to better serve the influx of visitors, this industry continues to embrace technology. By investing in online solutions such as providing more information and services via the web, and increasing communications, the hospitality industry strives to make its guests as informed, comfortable, and connected as possible. However, this comes at a price.
As the hospitality industry embraces smart technology, such as TVs, digital assistants, and other smart devices, they also increase the risk of cyber activity, as guests access public Wi-Fi. How guests use public Wi-FI is a critical area of concern for the service and tourism industry, and they must focus on ensuring their guests can access public Wi-Fi safely and securely.
The reality is most people don’t use best practices when accessing public Wi-Fi, exposing themselves and unfortunately (if improperly secured) the business’ network to being compromised. The more gateways a business provides to the internet, the more opportunities a cybercriminal has to gain access to their network. A hotel or resort with hundreds or thousands of guests will have as many holes as guests to plug when it comes to their network because each guest is a potential security risk.
Losing the ability to check-in guests, accept online payments, or even being able to provide Wi-Fi could be enough to push a newly-opened tourist destination over the edge... delaying their progress and profit for the season.
There are many more industries besides these three which are at risk of cyberattacks, in fact, it is fair to say that all organizations regardless of size or business are at risk of a ransomware attack. One of Rapid City’s biggest cybersecurity misconceptions is to assume that your business is the one that a cybercriminal isn’t interested in. If you have been following our cybersecurity blogs, you should realize that no business is immune from a ransomware attack, not even yours.
If you’re not sure of the steps to protect your business from a ransomware attack or if you’re just interested in a cybersecurity audit, call 888-891-4201 today to schedule an appointment. We are Rapid City’s premier cybersecurity expert and our managed IT services are designed to protect your business by providing a wide range of solutions.