Attacks on operational technology and the “internet of things” are rising, but a new report has put numbers on the attacks and the figures are even more disturbing than expected.

As detailed in a report from Nozomi Networks SA, the number of attacks on OT and IoT has rapidly increased, with ransomware leading the pack. The number of ransomware attacks grew 116% between January and May, while the average ransom paid per attack grew 43%, to $220,298.

Demonstrating why cybercriminals are increasingly turning to ransomware attacks is the potential payday. According to the report, ransom payments are expected to reach a total of $20 billion by the end of the year. That’s not a typo, nor is it the amount demanded — that’s the figure victims are expected to hand over to ransomware gangs.

The report notes that DarkSide, REvil and Ryuk highlight the growing dominance of ransomware-as-a-service models. Although attacks are often directly linked to a ransomware gang, many offer a RaaS service. In such cases, other cybercriminals pay to use both the code and the infrastructure of a particular gang to target victims. Often, the gang providing the service gets a cut of any ransom paid following a successful attack.

In the OT sector, there is also a rising number of industrial control systems vulnerabilities. Industrial Control Systems are noted as the most susceptible sector, with a 44% increase in discovered vulnerabilities in the five months to the end of May. Vulnerabilities in the critical manufacturing sector rose 148%.

The report recommends that deploying network monitoring devices before deploying IoT devices is a must and warns that even security cameras are a risk.

“Colonial Pipeline, JBS and the latest Kaseya software supply chain attack are painful lessons that the threat of ransomware attacks is real,” Nozomi Networks co-founder and Chief Technology Officer Moreno Carullo said in a statement. “Security professionals must be armed with network security and visibility solutions that incorporate real-time threat intelligence and make it possible to quickly respond with actionable recommendations and plans.”

Image: Nozomi Networks