CASE STUDY
How has cybersecurity evolved over the years and how have threat groups adapted their strategies to target Operational Technology infrastructure?
Reflecting on the infrastructure developments over the past 20 to 25 years, there’s been a notable shift from highly customised systems to more standardised and interconnected ones. This evolution has simplified vulnerabilities in many ways. However, alongside this, attacks within industrial control systems and the IoT space have also evolved.
Around 10 years ago, adversaries focused on impacting specific devices with significant resources. Now, they’ve expanded their capabilities to affect various devices across different vendors and controller types. This broadened reach demonstrates their increased proficiency to impact multiple verticals and facility types simultaneously. This analysis is evident in the Dragos OT Cybersecurity Year in Review report.
The OT Cybersecurity Year in Review report recorded a 50% increase in ransomware attacks on industrial organisations over the last year – what are some specific challenges manufacturers face?
Manufacturing sectors face tight margins and often lack dedicated security budgets. This results in vulnerable perimeters around production lines, whether in chemical or widget manufacturing. Ransomware attackers typically target corporate environments, lacking expertise in Operational Technology (OT) systems. However, weak security between corporate and OT environments leads to what I call a spillover or collateral damage. Ransomware incidents disrupt production, causing revenue loss. These attacks are opportunistic, driven by the desire to inflict maximum pain on victims.
The report stated that over 70% of ransomware attacks are directed at manufacturers. What are the effects and impacts on supply chains?
Firms facing downtime, whether short-term or extended, experience a noticeable decline in trust and contractual integrity, leading to potential disruptions.
Another concern during a ransomware attack is the risk of an organisation transmitting the ransomware to its customers, which amplifies supply chain vulnerabilities. This extends to service providers and various connectivity avenues, posing threats to both customers and workforce rights.
What steps can industrial organisations take to strengthen their cybersecurity posture, especially where patching is not always feasible?
In the business landscape, a company’s most crucial assets are its production systems, whether
62 INTELLIGENTCIO APAC www.intelligentcio.com