Incidents like the attack on Norsk Hydro are expected to grow more common, according to a survey on cybersecurity trends in industries using industrial control systems (ICS) and operational technology (OT).
Critical infrastructure (energy, water, heating, agriculture, telecoms, etc.) has become a hot target for cyber criminals. The attack on Norway’s Hydro is only the latest in a string of incidents targeting global critical infrastructure in recent years. According to the clear majority of security professionals in such environments, these attacks are likely to multiply in 2019 and beyond.
A survey sponsored by Tenable and conducted independently by Ponemon Institute reveals that most organizations in the OT sector have suffered multiple cyberattacks causing data breaches and significant disruption to operations, plants and operational equipment. Many reported the attacks were state-sponsored.
As shown below, 90% of OT organizations in the study reported at least one damaging cyberattack over the past two years, with 62% experiencing two or more.
Credits: Ponemon Institute (for Tenable)
In 53% of the breaches, an employee had fallen for a phishing scam. 37% said third-party misuse of shared information led to some attacks. And cyber extortion such as ransomware attacks were reported by 21% of respondents.
Attempting to quantify the damage from these attacks, 49% of respondents put downtime of OT systems at the top of the list, followed by theft of intellectual property (41%), loss of productivity (40%), financial loss (38%), customer turnover (33%), employee turnover (19%), decline in stock price (11%), and other detrimental outcomes.
On the positive side, the C-suite is increasingly involved in cyber defense, with 60% of respondents reporting that C-level executives are most involved in evaluating cyber risk as part of their organization’s business risk management. But the reason for this takes us to the next negative finding: the outlook for cyber threats isn’t very optimistic.
OT sector organizations expect significant threats in 2019, with 65% of respondents listing misuse of confidential internal data as the top threat that will lead to a breach this year.
“This isn’t surprising given many organizations in the OT sector rely on third parties to help them manage and maintain their OT infrastructure,” according to the report.
60% also anticipate downtime to plant and/or operational equipment from an attack to their OT infrastructure. And 21% of OT sector organizations list a nation-state attack as one of the threats they’re most worried about.