Cyberattacks targeting the industrial sector are predominantly orchestrated by state-affiliated actors, with internal personnel unintentionally facilitating these attacks about 33% of the time, as reported by Rockwell Automation. This aligns with other industry findings indicating a surge in OT/ICS (Industrial Control Systems) cybersecurity incidents, especially against critical infrastructures like energy producers.
Mark Cristiano, the commercial director of Global Cybersecurity Services at Rockwell Automation, highlighted that energy, critical manufacturing, water treatment, and nuclear facilities are the primary targets. With stricter regulations anticipated for reporting cybersecurity breaches, insights into the nature and severity of these attacks will become more transparent.
In the past three years, OT/ICS incidents have surpassed the total reported from 1991-2000. The energy sector is the primary focus, accounting for 39% of attacks, followed by critical manufacturing (11%) and transportation (10%). Phishing remains the dominant attack method, emphasizing the need for cybersecurity strategies like segmentation, air gapping, zero trust, and security awareness training. SCADA systems are the primary targets in over half of the incidents, followed by Programmable Logic Controllers (22%).
While 80% of threat actors originate externally, insiders inadvertently assist them in roughly a third of the incidents. Of the studied OT/ICS incidents, 60% led to operational disruptions, and 40% resulted in unauthorized access or data exposure. Furthermore, 65% of the time, broader supply chains were affected.
The research underscores the importance of bolstering IT system security to counteract cyberattacks on critical infrastructure. Over 80% of OT/ICS incidents began with an IT system breach, highlighting the increasing interconnectedness of IT and OT systems. Sid Snitkin, VP of Cybersecurity Advisory Services at ARC Advisory Group, emphasized the urgent need for enhanced cybersecurity strategies given the escalating threat landscape.
Source: Help Net Security
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.