New Research Finds Cyberattacks Against Critical Infrastructure on the Rise, State-affiliated Groups Responsible for Nearly 60%
- Nearly 60% of cyberattacks against the industrial sector are led by state-affiliated actors
- OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000
- Threat actors are most intensely focused on the energy sector (39% of attacks)
- Phishing remains the most popular attack technique (34%)
- In more than half of OT/ICS incidents, Supervisory Control and Data Acquisition (SCADA) systems are targeted (53%)
- More than 80% of threat actors come from outside organizations
- The damage of cyberattacks extends beyond the impacted enterprise, as broader supply chains were also impacted 65% of the time
- More than 80% of the OT/ICS incidents analyzed started with an IT system compromise
- None.
The first edition of the report finds nearly
“Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents,” said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. “Anticipating that stricter regulations and standards for reporting cybersecurity attacks will become commonplace, the market can expect to gain invaluable insights regarding the nature and severity of attacks and the defenses necessary to prevent them in the future.”
Based on incidents analyzed, key findings include:
- OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.
-
Threat actors are most intensely focused on the energy sector (
39% of attacks) – over three times more than the next most frequently attacked verticals, critical manufacturing (11% ) and transportation (10% ). -
Phishing remains the most popular attack technique (
34% ), underscoring the importance of cybersecurity tactics such as segmentation, air gapping, Zero Trust and security awareness training to mitigate risks. -
In more than half of OT/ICS incidents, Supervisory Control and Data Acquisition (SCADA) systems are targeted (
53% ), with Programmable Logic Controllers (PLCs) as the next-most-common target (22% ). -
More than
80% of threat actors come from outside organizations, yet insiders play an unintentional role in opening the door for threat actors in approximately one-third of incidents.
In the OT/ICS incidents studied,
The research indicates strengthening the security of IT systems is crucial to combatting cyberattacks on critical infrastructure and manufacturing facilities. More than
“The dramatic spike in OT and ICS cybersecurity incidents calls for organizations to take immediate action to improve their cybersecurity posture or they risk becoming the next victim of a breach," said Sid Snitkin, vice president, Cybersecurity Advisory Services, ARC Advisory Group. “The threat landscape for industrial organizations is constantly evolving, and the cost of a breach can be devastating to organizations and critical infrastructure. The report’s findings underscore the urgent need for organizations to implement more sophisticated cybersecurity strategies.”
The full findings of the report can be found here.
Methodology
For this report, Rockwell Automation commissioned the Cyentia Institute to analyze data from 122 cybersecurity events across the globe, which occurred from 1982-2022. The Cyentia Institute’s team collected and analyzed nearly 100 data points surrounding individual incidents involving the direct compromise or disruption of OT/ICS systems. The resulting report was developed to share instructive insights about actual OT/ICS cybersecurity attack activity.
About Rockwell Automation
Rockwell Automation, Inc. (NYSE: ROK) is a global leader in industrial automation and secure digital transformation. We connect the imaginations of people with the potential of technology to expand what is humanly possible, making the world more productive and more sustainable. Headquartered in
About the Cyentia Institute
The Cyentia Institute is a research and data science firm dedicated to the mission of advancing knowledge in the cybersecurity industry. We accomplish this by partnering with a variety of organizations to perform comprehensive data analysis and publish high-quality, data-driven research. To learn more, contact us.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230919470756/en/
Michelle Stange
Public Relations Lead
+1 414-218-8008
Michelle.Stange@rockwellautomation.com
Source: Rockwell Automation, Inc.