IoT hyperconnectivity and obsolescence, the main cyber-attack risks for the industrial sector

The first months of the year 2022 have been turbulent, especially in the industrial sector, as it has become one of the main focuses where cybercriminals have set their sights internationally. Proof of this is that 40% of industrial organizations have been victims of a cyber attack in the last year, as pointed out by Capgemini Research Institute.

In fact, the industrial and energy sectors continue to be the most vulnerable, followed by the health and retail sectors.

"It is evident the growth of vulnerabilities in recent times and this does not go unnoticed by cybercrime. We come from a few years in which companies are increasingly prone to connect industrial systems (OT) with corporate networks (IT) to facilitate management, which increases the attack surface and makes these OT systems are affected by exploitable vulnerabilities through corporate networks to which attackers can have easier access "

David Purón, CEO of Barbara.

The massive introduction of new IoT devices, which in many cases do not meet high security standards, into industrial networks in all types of environments and infrastructures such as energy, water treatment, mining, food production, transportation or oil and gas, causes enormous cybersecurity risks and presents a gateway for attackers. This is coupled with an increasingly rapid obsolescence of equipment and networks; not to mention increased connectivity due to teleworking implemented on a massive scale since the beginning of the pandemic.

In order to assess the situation of the sector in a complete picture of what is happening with regard to cybersecurity, its causes and possible solutions, Barbara has carried out research in this regard where it highlights that cyber-attacks have a devastating impact on companies, costing them millions of euros. As Cybersecurity Ventures points out, the damage caused by cybercrime is expected to reach $10.5 trillion per year by 2025 worldwide.

As ICS-CERT data show, in 2021 more than 1,000 fragile points were found. Data that contrasts with previous years, since without going too far back in time, in 2020, that figure was half. Not only that, but forecasts indicate that three out of four companies will suffer an attack that will affect their industrial production environment.

In addition, last year, 30% of cyber-attacks in 2021 were of the ransomware type, 56% of which had an impact on operations (Enisa). Many of them, in critical infrastructures, with the consequent paralysis of services for weeks; all of this entailing losses of between 200,000 and 800,000 dollars.

Industry, IT, government, healthcare, finance, transportation, education, and energy: most affected by ransomware

If we go into detail, the sectors most affected by attacks in 2021 were research and education with an average of 1,605 attacks per week per organization, an increase of 75% over 2020. A figure almost matched by the government and military sector, with 1,136 attacks per week (47% increase); closely followed by telecommunications, with 1,079 attacks per week per organization (51% increase).

On the other hand, sectors such as the electricity industry are already working to try to quell damages and, above all, to prevent them. In this regard, 68% of companies are expected to take out cyber liability insurance. Between June and August 2021 alone, electricity companies faced more than 1,780 DDoS attacks, 595% more than the previous year.

In this line of searching for solutions and working on a line of prevention, one technology seems to emerge as the key: Edge Computing.

"In this environment of the need to interconnect OT networks with IT for productivity improvement, we have seen how connection to the cloud exponentially increases the risk of cyber-attacks due to vulnerabilities within the reach of cybercriminals."

David Purón, CEO of Barbara.

It is with these ingredients that edge computing is positioning itself as a more secure option for performing some tasks such as AI-based process analytics or advanced automation. The closer digital information is processed, the smaller the attack surface.

In addition, another advantage of Edge Computing is the speed of managing and deploying upgrades as opposed to manual management by plant operators, which means significant savings in time and cost. Through Edge Computing nodes, we can remotely schedule upgrade routines, start them during off-peak hours, or even schedule them in batches to minimize any risk.

If you'd like to learn more about the state of industrial cybersecurity in 2022, download our latest Whitepaper.

Download the Industrial Cybersecurity 2022 Whitepaper

‍