Critical infrastructures are increasingly becoming the focus of cybercriminals. More than half of the attacks come from groups close to the state.
Rockwell Automation's global study, "Anatomy of 100+ Cybersecurity Incidents in Industrial Operations," conducted by Cyentia Institute, analyzed 100 cybersecurity events that pose an imminent threat to operational technology (OT) and /or industrial control systems (ICS). As a result, almost 122 data points were collected and evaluated for each incident.
Energy producers are popular targets
The first edition of the report shows that nearly 60 percent of cyberattacks on the industrial sector are carried out by state-affiliated actors. In around 33 percent of cases, internal employees enable this, often unintentionally. This is consistent with other industry research showing that OT/ICS security incidents are increasing in size and frequency. They primarily have critical infrastructure, such as: B. energy producers, the goal.
“Power generation, critical manufacturing, water treatment and nuclear facilities are among the critical infrastructure that have been attacked in the majority of reported cases,” said Mark Cristiano, commercial director of global cybersecurity services at Rockwell Automation. “It is expected that stricter regulations and standards for reporting cybersecurity attacks will emerge, providing the market with valuable insights into the nature and severity of attacks and the necessary defense measures.”
Key findings from the incidents analyzed include:
- The number of OT/ICS cybersecurity incidents in the last three years has already exceeded the total number of incidents reported between 1991 and 2000.
- Threat actors are primarily targeting the energy sector, which at 39 percent is more than three times as likely to be attacked as the next most frequently attacked sector
- Sectors critical manufacturing (11 percent) and transportation (10 percent).
- Phishing remains the most popular attack technique (34 percent), highlighting the importance of cybersecurity tactics such as segmentation, air gapping, zero trust and security awareness training.
- More than half of OT/ICS incidents target supervisory control and data acquisition (SCADA) systems (53 percent), followed by programmable logic controllers (PLCs) (22 percent).
- More than 80 percent of threat actors come from outside the organization, but insiders play an unwanted role in about a third of incidents.
Of the OT/ICS incidents examined, 60 percent of cases resulted in a business interruption and 40 percent involved unauthorized access or disclosure of data. However, the damage caused by cyber attacks extends beyond the affected company, as in 65 percent of cases they also affect other supply chains.
Better protect critical infrastructures
The study shows that strengthening the security of IT systems is crucial for combating cyber attacks on critical infrastructure and production facilities. More than 80 percent of the OT/ICS incidents analyzed began with a compromise of IT systems, which is due to the increasing interconnection of IT and OT systems and applications. The IT network enables communication between OT networks and the outside world and serves as a gateway for OT threat actors.
Employing appropriate network architecture is critical to strengthening an organization's cybersecurity. Simply setting up a firewall between IT and OT environments is no longer enough. As networks and devices are connected to OT/ICS environments every day, equipment in most industrial environments is exposed to attackers. A strong, modern OT/ICS security program must be the responsibility of every industrial company to ensure secure operations and high availability.
About Rockwell Automation
Rockwell Automation, Inc. (NYSE: ROK) is a global leader in industrial automation and digital transformation. We combine the creativity of people with the power of technology to push the boundaries of what is humanly possible and make the world more productive and sustainable. Rockwell Automation is headquartered in Milwaukee, Wisconsin, USA. Rockwell Automation employs approximately 23.000 people serving customers in more than 100 countries.
Matching articles on the topic