Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity NewsEnterprise Services

Rise of ransomware: Why OT is a prime target for cybercriminals

By Mike Dow
ransomware
August 31, 2020

While the burgeoning world of Internet of Things (IoT) has transformed the ways in which we live and work, the world of IoT has also caught the attention of cybercriminals. As IoT devices become increasingly more advanced, hackers have simultaneously become more sophisticated in their attacks, often targeting pre-existing security loopholes to gain access to company systems. In recent years, malicious actors have gone from what were once singular hackers to entire organized companies, which some have dubbed “the cyber mafia.” These groups are launched with the sole intent to exploit major enterprises and make lump sums off of their cyber corruption.

Ransomware attacks in particular have become one of the most notorious ways for cybercriminals to extort corporations for millions of dollars. According to a recent report from SonicWall, ransomware attacks increased globally by 20 percent in the first half of 2020. Earlier this year, we saw this play out right before our eyes with the foreign exchange company Travelex, which came under attack by the REvil ransomware that put its website and mobile app offline and left customers without access to their travel money. The company reportedly paid a whopping $2.3 million in Bitcoin to the hackers to bring their systems back online, and it has since filed for bankruptcy in early August.

Cybercriminals are also leveraging ransomware to target physical hardware as well, including unsecured operational technologies (OT), which help run physical processes like that in industrial equipment or critical infrastructure. OT has become a prime  target to hit because organizations typically don’t run security patches on them as frequently as they would with IT systems. Updating traditional OT systems is often viewed as a daunting task for organizations that takes extensive resources and time to achieve and can be seen as an inconvenience more than a necessity.  

Unfortunately, leaving these OT systems vulnerable to attack has created a goldmine for hackers. This is especially true as more connected devices are introduced into the operational technology, increasing the level of access and exposing potential vulnerabilities. Hackers are also very much aware that these companies have a lot to lose and are willing to pay up to regain access to their operations, and a wide variety of institutions such as universities, hospitals, manufacturing companies and local and state governments have fallen victim to these attacks in recent years. According to IBM’s 2020 X-Force Threat Intelligence Index report, in the first half of 2019, more than 70 government entities alone were hit with ransomware.

Another reason hackers attack OT systems is because it’s potential to inflict extensive damage – far more than an attack a single IT device would, forcing the company to comply with the hackers' demands. For example, an OT attack on a hospital that prevents doctors and nurses from helping patients could potentially end in tragedy, leaving the hospital absolutely no other choice but to give malicious actors what they want. We've seen this kind of damage already, and if proactive steps are not taken by organizations to protect themselves and mitigate these issues down the line, they will be forced to pay a hefty price - not to mention deal with the ramifications of tarnished brand reputations in the future.

While there are many steps that organizations can take to help tackle these issues head on, one of the biggest is to simply make security a sustained priority. This is ultimately a cat and mouse game, and cybercriminals are continually adapting to security countermeasures. It is up to companies to ensure that they do the same. By taking stock of what systems are in place, increasing visibility around known and potentially unknown vulnerabilities, and addressing these threats through regular security patches, companies will be in much stronger positions to minimize future fallout. While it is clear that OT systems and IoT devices are growing targets and the historical lack of security measures around them makes it a challenge for companies, prioritizing security overall and identifying existing security loopholes are the first steps in ensuring that hackers have less direct access to critical systems.

Another strategy can be to partner with industry experts. Until recently, the lack of globally recognized IoT security standards has caused market confusion when it comes to connected device security and lack of harmonized standards for organizations to strictly follow. Industry-led non-profits such as the ioXt Alliance and others are working to change this narrative and offer the right resources for companies to learn directly from their industry peers on best practices, the means to test and certify current and future connected technology, as well as initiatives to actually advance connected device security and its ecosystem across the world.

Although ransomware attacks have grown, it is up to organizations to stay vigilant in protecting their systems, employees and customers. One of the most threatening things an organization can do is sit back and do nothing, and by putting security at the forefront and not as an afterthought, companies will more successfully minimize their risk for detrimental scenarios now and in the years to come.

KEYWORDS: cyber security information security Internet of Things ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Mike dow 4826

Mike Dow is Senior Product Manager- IoT Security at Silicon Labs. He has worked in the semiconductor industry for Motorola, Freescale, NXP, and now Silicon Labs for the past 25 years. He has a Professional Engineering License in the state of Texas. He has extensive experience driving and participating in wireless standards organizations such as IEEE and ISA and helped form the Wireless Industrial Technology Consortium (WiTECK) where he filled the position of Chair and President from 2007-2009. He has worked for the last 11 years in the roles of Business Development, New Product Development, and Marketing where he specializes in Security, Connectivity, IoT, Industrial IoT, Point of Sale, and Smart Energy verticals.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • e-tower1-900px.jpg

    Energy Sector is a 'Prime Target' for Cyberattacks

    See More
  • Cybersecurity Leadership Images

    How Healthcare is a Major Target for Cybercriminals

    See More
  • ambulance on street

    Why is healthcare a top target for cybersecurity threats?

    See More

Related Products

See More Products
  • highriseproductphoto

    High-Rise Security and Fire Life Safety, 3rd edition

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

See More Products

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!