9 in 10 ICS pros losing sleep over cyberattack shutdowns

The damage posed by industrial cyberattacks can be disastrous, yet many organizations aren’t prepared
9 October 2019

Automatic filling machine pours water into plastic PET bottles. Source: Shutterstock

When Industrial Control Systems (ICS) go down, depending on the organization and industry, the impact can pose a severe hit on production schedules, the environment, city services— you name it; results could likely be varying degrees of catastrophic. 

It’s no surprise then, that a survey of 263 ICS professionals by cybersecurity firm Tripwire found that more than nine in 10 (93 percent) were concerned about operations being struck down by cyberattacks. 

Respondents came from organizations operating in energy, manufacturing, chemical, dam, nuclear, water, food, automotive and transportation. These sectors have all become digitalized and “connected”, with IIoT enhancing and bringing efficiencies to control and analytics, but those advances at the same time widen the attack surface. 

Kristen Poulos, Vice President and General Manager of Industrial Cybersecurity at Tripwire said, “In these environments, where virtual and physical converge, cyber events can interfere with an operator’s ability to view, monitor or control their processes. 

“Investing in industrial cybersecurity should be a priority in protecting operations from disruption.”

More than three-quarters (77 percent) of those asked said their companies had indeed made cybersecurity investments over the past two years, but 50 percent still feel that current investments are not enough. The majority of the latter (68 percent), said it would take a “significant attack” for their organization to invest more. 

The chances of detecting a cyberattack, and recovery, is bleak, meanwhile, with only 52 percent of organizations tracking more than 70 percent of their assets in an inventory. 

Almost one third (31 percent) don’t have a baseline or normal behavior for their operational technology (OT) devices and networks, and 39 percent do not have a centralized log management solution for their OT devices.

A worrying track record

There has been no shortage of stark examples of the dangers of OT systems coming under attack.

Earlier this year, Norwegian aluminum manufacturer Hydro suffered a ransomware attack that left its operations across the world at a standstill— 22,000 computers were hit across 170 sites across 40 countries worldwide. The firm’s refusal to pay ransom meant recovery costs have been estimated at around $US50 million but could be a lot more.

As far back as 2015, meanwhile, a hack of Ukraine’s power grid caused a blackout affecting 200,000 people, while Kaspersky Labs estimates that over 40 percent of ICS computers on its watch had been attacked by malicious malware at least once in the first half of 2018.

Aware of the destruction cyberattacks inflict on operations, the majority of organizations are reported to have up to 50 cybersecurity tools operating at the same time, contributing to US$70 billion in the cybersecurity market this year alone.

While high investments are being made into cybersecurity, statistics show a minority of organizations are confident in the abilities of their security system. It could be time for organizations to review their plans and goals of establishing a flexible and resilient cybersecurity system.

With new cybersecurity threats developing at pace, cyber threats will only grow more prominent and sophisticated, and organizations need to employ effective approaches to face this challenge.