In Europe, ransomware hits industrial control systems and operating technology almost as often as IT systems. Significant disruption in every second victim. Claroty initiated study The Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption.
Ransomware is also increasingly becoming a problem for industrial systems and critical infrastructure: 80 percent of KRITIS operators and companies that make a significant contribution to critical infrastructure fell victim to a ransomware attack last year. This is the conclusion of the study "The Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption" initiated by the specialist for the security of cyber-physical systems (CPS) in industrial, healthcare and enterprise environments Claroty in times of disruption), for which a total of 2021 security specialists were surveyed.
Europe: Study shows attacks on OT almost as often as on IT
While these attacks hit IT systems much more frequently around the world (32,4%) and operating technology (OT) and industrial control systems (ICS) (20,3%) much less frequently (27%), the difference in Europe is much smaller: Here affected 23 percent of ransomware attacks exclusively the IT systems and 23,3 percent exclusively OT/ICS systems. In almost a quarter (27,1%) both areas were disrupted (worldwide: XNUMX%). Overall, almost every second attack also affects the OT/ICS.
More than 90 percent of the companies attacked informed their shareholders and/or authorities about the incident and reported that in almost half of the cases (49%) the impact was significant or significant. The financial impact of an attack is also significant: just over half (50,3%) of those surveyed estimated that a business interruption as a result of an attack would cost them between USD 100.000 and USD 1.000.000 in sales per hour. This may also explain the relatively high willingness to accept the ransom demands. Worldwide, 62,1 percent of companies paid, in the USA as much as 76,4 percent, but only 46,8 percent in Europe. In most cases, the ransom was between US$100.000 and US$500.000 (32,1%) and between US$500.000 and US$1.000.000 (30,5%).
Digital transformation of KRITIS
The digital transformation has also accelerated in the area of critical infrastructure since the beginning of the corona pandemic: Most clearly in the Asia-Pacific region (for 90,4% of respondents), least in Europe (for 82,3% of companies). The trend towards remote work will continue: 73 percent of companies worldwide want to continue to work remotely to a certain extent in the foreseeable future, in Europe even 80 percent.
The Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption (Image: Claroty).
As a result of the increasing threat landscape, cyber security is becoming an increasing priority for companies. Accordingly, they are increasing their cybersecurity investments and implementing new solutions and processes. The management is involved more and more often, in every second company (52,4%) even to a large extent. Responsibility for secure operation is usually the responsibility of the CISO: OT and IT governance are bundled here in 60 percent of companies. The COO or operations manager is also responsible for the cyber security of the facility in only 25,6 percent of the companies.
There is a desire for more protection
“Our study shows that critical infrastructure security is at a critical juncture, with threats increasing and evolving. At the same time, however, there is also a growing collective awareness and desire to protect our most critical systems,” said Yaniv Vardi, CEO of Claroty. “Security leaders who want to take their programs to the next level need to include all cyber-physical systems in their risk governance practices, segment their IT and OT networks and assets, scale their overall IT cybersecurity practices to their OT devices expand and consistently monitor all networks for threats.” The complete results and analysis can be found in the study “The Global State of Industrial Cybersecurity 2021: Resilience Amid Disruption”, which can be downloaded online free of charge.
More at Claroty.com
About Claroty Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.