More cyber attacks on critical infrastructure

13 November 2023
| No comments
More cyber attacks on critical infrastructure

Share post

Critical infrastructures are increasingly becoming the focus of cybercriminals. More than half of the attacks come from groups close to the state.

Rockwell Automation's global study, "Anatomy of 100+ Cybersecurity Incidents in Industrial Operations," conducted by Cyentia Institute, analyzed 100 cybersecurity events that pose an imminent threat to operational technology (OT) and /or industrial control systems (ICS). As a result, almost 122 data points were collected and evaluated for each incident.

Energy producers are popular targets

The first edition of the report shows that nearly 60 percent of cyberattacks on the industrial sector are carried out by state-affiliated actors. In around 33 percent of cases, internal employees enable this, often unintentionally. This is consistent with other industry research showing that OT/ICS security incidents are increasing in size and frequency. They primarily have critical infrastructure, such as: B. energy producers, the goal.

“Power generation, critical manufacturing, water treatment and nuclear facilities are among the critical infrastructure that have been attacked in the majority of reported cases,” said Mark Cristiano, commercial director of global cybersecurity services at Rockwell Automation. “It is expected that stricter regulations and standards for reporting cybersecurity attacks will emerge, providing the market with valuable insights into the nature and severity of attacks and the necessary defense measures.”

Key findings from the incidents analyzed include:

  • The number of OT/ICS cybersecurity incidents in the last three years has already exceeded the total number of incidents reported between 1991 and 2000.
  • Threat actors are primarily targeting the energy sector, which at 39 percent is more than three times as likely to be attacked as the next most frequently attacked sector
  • Sectors critical manufacturing (11 percent) and transportation (10 percent).
  • Phishing remains the most popular attack technique (34 percent), highlighting the importance of cybersecurity tactics such as segmentation, air gapping, zero trust and security awareness training.
  • More than half of OT/ICS incidents target supervisory control and data acquisition (SCADA) systems (53 percent), followed by programmable logic controllers (PLCs) (22 percent).
  • More than 80 percent of threat actors come from outside the organization, but insiders play an unwanted role in about a third of incidents.

Of the OT/ICS incidents examined, 60 percent of cases resulted in a business interruption and 40 percent involved unauthorized access or disclosure of data. However, the damage caused by cyber attacks extends beyond the affected company, as in 65 percent of cases they also affect other supply chains.

Better protect critical infrastructures

The study shows that strengthening the security of IT systems is crucial for combating cyber attacks on critical infrastructure and production facilities. More than 80 percent of the OT/ICS incidents analyzed began with a compromise of IT systems, which is due to the increasing interconnection of IT and OT systems and applications. The IT network enables communication between OT networks and the outside world and serves as a gateway for OT threat actors.

Employing appropriate network architecture is critical to strengthening an organization's cybersecurity. Simply setting up a firewall between IT and OT environments is no longer enough. As networks and devices are connected to OT/ICS environments every day, equipment in most industrial environments is exposed to attackers. A strong, modern OT/ICS security program must be the responsibility of every industrial company to ensure secure operations and high availability.

More at RockwellAutomation.com

 

About Rockwell Automation

Rockwell Automation, Inc. (NYSE: ROK) is a global leader in industrial automation and digital transformation. We combine the creativity of people with the power of technology to push the boundaries of what is humanly possible and make the world more productive and sustainable. Rockwell Automation is headquartered in Milwaukee, Wisconsin, USA. Rockwell Automation employs approximately 23.000 people serving customers in more than 100 countries.

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more

Solar energy systems – how safe are they?

A study examined the IT security of solar energy systems. Problems include a lack of encryption during data transfer, standard passwords and insecure firmware updates. trend ➡ Read more

New wave of phishing: Attackers use Adobe InDesign

There is currently an increase in phishing attacks that abuse Adobe InDesign, a well-known and trusted document publishing system. ➡ Read more

 

Stories
, , , , ,