New data released by IBM X-Force on operational technology (OT) vulnerabilities confirmed the OT cyber threat landscape is expanding dramatically and assigns percentages to the attack sectors (manufacturing was highest at 65%) and vectors. Excerpts:
So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities.
Sectors:
- 65% – Manufacturing – So far in 2022, manufacturing remains in the lead across both metrics at 23% of total IR cases and 65% among OT-related industries
- 13% – Electric utilities place a distant second at 13%
- 8% – Oil and gas and transportation tied for third at 8%
- 3% -Heavy and civil engineering accounts for about 3%
- 2% – Mining just shy of 2%.
Vectors:
- 78% – Phishing served as the initial infection vector in 78% of incidents
- 11% – Scanning and exploitation of vulnerabilities on external attack surfaces
- 11% – Removable media tied for second place at 11% of incidents, underscoring the long-standing threat that such media poses to OT networks, often by end users using infected USB media drives between operator workstations and personal laptops while in the field.