New data released by IBM X-Force on operational technology (OT) vulnerabilities confirmed the OT cyber threat landscape is expanding dramatically and assigns percentages to the attack sectors (manufacturing was highest at 65%) and vectors. Excerpts:
So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities.
Sectors:
- 65% – Manufacturing – So far in 2022, manufacturing remains in the lead across both metrics at 23% of total IR cases and 65% among OT-related industries
- 13% – Electric utilities place a distant second at 13%
- 8% – Oil and gas and transportation tied for third at 8%
- 3% -Heavy and civil engineering accounts for about 3%
- 2% – Mining just shy of 2%.
Vectors:
- 78% – Phishing served as the initial infection vector in 78% of incidents
- 11% – Scanning and exploitation of vulnerabilities on external attack surfaces
- 11% – Removable media tied for second place at 11% of incidents, underscoring the long-standing threat that such media poses to OT networks, often by end users using infected USB media drives between operator workstations and personal laptops while in the field.
It should be alarming to every American to see vast amounts of our critical infrastructure in the cross-hairs of a very powerful enemy country with whom we are engaged in proxy war that has the potential to escalate.
It is fascinating to see how the threat landscape and types of threats repeat themselves over the years within different areas of information technology. Though, our traditional Information technology infrastructure is still very susceptible to phishing, Ransomware and network “snoopers”. We need to take the struggles we faced in early information technology and, more importantly, take the solutions and apply them to our OT teams.
Rebuilding, Meshing and establishing new infrastructure strategies for our merging ICS/OT/IT teams is imperative and seems to be an area the industry struggles with. Data being stolen, networks being shut down and Ransom are scary, but imagine waking up and there is no running water or electricity.”