Digital attackers are increasingly targeting industrial environments these days. Take manufacturing organizations, for instance. Back in late-August, FortiGuard Labs discovered a malspam campaign that had targeted a large U.S. manufacturing company with a variant of the LokiBot infostealer family. It wasn’t long thereafter when Bloomberg reported on the efforts of bad actors to target Airbus by infiltrating its suppliers’ networks.

The story has largely been the same for other industrial organizations, including those that maintain energy utility services. In the second half of July, for instance, Proofpoint observed that malefactors had impersonated the U.S. National Council of Examiners for Engineering and Surveying to prey upon three U.S. utility organizations using spear-phishing emails. A month later, the security firm discovered that those responsible for the attack emails had expanded their list of targeted utility organizations.

Given this surge of attacks, one can’t help but wonder how industrial organizations are doing in their efforts to keep up with industrial cybersecurity (ICS) threats. Tripwire was curious about the same thing and enlisted the help of Dimensional Research to survey 263 ICS professionals working in energy, manufacturing, chemical and other industrial organizations.

These experts’ responses revealed that concern for digital attacks in industrial organizations is high. Eighty-eight percent of respondents told Tripwire that they were worried about an attack. The rate was even higher for survey participants working in the manufacturing and oil & gas sectors at 89 percent and 97 percent, respectively.

When asked to elaborate on their concerns, 93 percent of ICS professionals revealed that their organizations were concerned about the threat of operational shutdowns and downtime. Concerns over the quality of production followed close behind at 86 percent. Meanwhile, company reputation and data exfiltration/stolen data tied at 81 percent of personnel.

ICS Survey chart 1

Two-thirds of respondents went so far (Read more...)