GovLoop

Report: Malicious Actors Eye Vulnerabilities in Industrial Tech

Among the cyber-related stories that made the airwaves in 2021 were significant examples of cyber insecurity within the industrial community. There was an attack against a city’s water treatment facility that aimed to poison drinking water. There was a ransomware offensive against a large pipeline operator that tangled gas supplies in the southeastern U.S. for days. And among other events — many the public never learned — there was a Bitcoin ransomware plot against one of the world’s largest beef suppliers, which has facilities in this country.

For all of the industrial community’s many achievements, its cybersecurity challenges raise considerable concerns not just for a single company or market, but for daily life in the U.S. And so with that in mind Dragos, which helps industrial firms protect their cyber infrastructure, has released its fifth annual Year in Review.

The report offers observations on cyber threats, vulnerabilities, assessments, and incident responses related to Industrial Control Systems (ICS) and Operational Technology (OT). The purpose of the report is to offer context (what the study calls “ground-truth reality”) around the sensational stories, so the industry can better understand and respond to threats.

Four Key Findings

We can start with a few statistics on what 2021 looked like across the industrial sectors Dragos examined. Those included electric, oil and gas, food and agriculture, manufacturing, chemical, transportation, nuclear, water and wastewater, technology (i.e., data center building automation equipment), and mining entities.

According to the report, there is room to improve cybersecurity readiness. Dragos broke the problems down into four main categories.

2021 Vulnerabilities

There were twice as many common vulnerabilities and exposures (CVEs) published last year than in 2020, and Dragos reported three new “threat activity groups” actively targeting the ICS/OT space: KOSTOVITE, PETROVITE and ERYTHRITE.

“In many industrial sector compromises,” the report explained, “weak boundaries between OT and IT, and poorly understood interactions between these systems, coupled with the rise in remote access (as more organizations rely on their work-from-home staff), have increased the overall risk.”

Ransomware was the single largest cause for concern. The manufacturing sector accounted for 65% of industrial ransomware attacks — and that’s an especially troubling trend, according to the study, because the manufacturing sector is “often the least mature in their OT security defenses.”

5 Security Controls Recommended

The new edition of Year in Review offers five specific recommendations for organizations that need to harden the security of their industrial OT, carefully chosen to offer maximum impact.

Because not all vulnerabilities are created equal, the Year in Review assesses their various impacts, weighs the effectiveness of current assessment tools, and offers suggestions for tackling 2022 vulnerabilities — among other guidance and statistics.

Photo by Simon Kadula on Unsplash

Exit mobile version