Dangerous cyberattacks against a range of industries, including manufacturing, energy, transportation, and healthcare, have become commonplace, according to a new study.
Cybersecurity company Tenable Inc. has released the study, Cybersecurity in Operational Technology: 7 Insights You Need to Know. The report was conducted by the Ponemon Institute. The results identify the extent of cyberattacks experienced by critical infrastructure operators (professionals in industries using industrial control systems (ICS) and operational technology (OT)). It found that 90% of respondents said their environments had been damaged by at least one cyberattack over the past two years, with 62% experiencing two or more attacks.
Most organizations in the ICS and OT sectors have experienced multiple cyberattacks causing data breaches and/or significant disruption and downtime to business operations, plants, and operational equipment. Many have suffered from nation-state attacks.
Insights Into the State of Cybersecurity
The report offered the following insights about the current state of security when it comes to ICS and OT:
- Most organizations in the OT sector have experienced multiple cyberattacks causing data breaches and/or significant disruption and downtime to business operations, plants, and operational equipment. Many have suffered from nation-state attacks.
- C-level technology, security, and risk officers are most involved in the evaluation of cyber risk as part of their organization’s business risk management.
- Nearly half of the organizations in the OT sector attempt to quantify the damage that a cyber event could have on their business. They’re most likely to quantify that impact based on downtime.
- OT sector organizations expect significant threats in 2019. They voiced concerns about attackers misusing or sharing confidential information. They are also concerned about OT attacks that result in downtime. Worries about nation-state attacks continue at a significant level.
- 2019 governance priorities vary. Increasing communication with the C-suite and board of directors about cybersecurity threats is among the top priorities for 2019.
- 2019 security priorities address sophisticated threats. The top 2019 security priority is to improve the ability to keep up with the sophistication and stealth of attackers.
- Few organizations have sufficient visibility into their attack surface. Gaining required visibility will continue to be a challenge due to staff shortages and heavy reliance on manual processes.
The report was based on the analysis of 701 respondents from organizations in the critical infrastructure sector. The organizations are defined as those dependent upon ICSs and other operational technology: energy and utilities; health and pharma; industrial and manufacturing; and transportation.
A Path Toward Mitigation
The convergence of IT and OT in industrial networks is a necessity in today’s digital era. The efficiencies from connected systems are too significant to ignore. This convergence, however, has connected once-isolated OT systems to a variety of attack paths. Cybersecurity experts at Tenable noted that the Ponemon study consists of self-reported experiences and observations from ICS and OT experts, confirming that the threats to critical infrastructure are real, severe, and ongoing.
A cybersecurity expert from Centripetal Networks weighed in on the results of the study. “As noted in the report, attacks continue to be successful due to the lack of cybersecurity teams to keep up with the attack surface,” said Byron Rashed, VP of marketing at Centripetal Networks. “Organizations and various verticals are under constant attack by threat actors and highly organized cybergangs that are looking to monetize their malicious actions. In critical infrastructure, the attacks can be truly devastating. In many cases, the attacks are nation-state driven or inspired.”
Rashed offered suggestions on how to avoid or deflect cyberattacks. “Cybersecurity teams need to concentrate on the known threats,” said Rashed. “By blocking known adversary nation-states that target critical infrastructure – using geo blocking – as well as inbound and outbound traffic from known malicious sources, an infrastructure organization will greatly increase their cybersecurity posture. Most breaches come from sources that are known to be malicious. Shifting to a blocking strategy will greatly mitigate risk.”
Rob Spiegel has covered automation and control for 19 years, 17 of them for Design News. Other topics he has covered include supply chain technology, alternative energy, and cyber security. For 10 years, he was owner and publisher of the food magazine Chile Pepper.