Cyber Threats to Physical Systems are Increasing in Sophistication and Volume
The recent growth in cyber-attacks against operational technology (OT) systems is unprecedented.
According to IBM’s 2020 X-Force Threat Intelligence Index report, targeted attacks against Industrial Control Systems (ICS) and OT assets have “increased over 2,000 percent since 2018.”
“In fact, the number of events targeting OT assets in 2019 was greater than the activity volume observed in the past three years combined.” These attacks represent a clear and present danger to manufacturers and other critical infrastructure sectors.
2020 Attack on Honda Facilities Shows Accelerating Threat to Manufacturers
The June 2020 cyber-attack against Honda was another sign that the capabilities of criminal cyber attackers continue to evolve and can become more dangerous to OT infrastructure.
As described in The New York Times, “…the attack appears to have been carried out by software designed to attack the control systems for a wide variety of industrial facilities like factories and power plants.
Such cyberweapons previously were only known to have been used by state agents.”
2019 Norsk Hydro Ransomware Attack Cost Millions
The 2019 LockerGoga ransomware attack against the Norwegian aluminum parts manufacturer Norsk Hydro is also a good example of the stakes. That attack cost the company $52 million in the first quarter of 2019. Norsk Hydro had to halt production temporarily, and one of its main production units was forced to unplug and shift to manual operations.
In some ways, Norsk Hydro was lucky. It was able to restore operations relatively quickly. But when a plant loses control of operational control systems, the results can quickly become catastrophic.
2014 German Steel Plant Control Systems Attack
*** This is a Security Bloggers Network syndicated blog from The Mission Secure Blog authored by Roark Pollock. Read the original post at: https://www.missionsecure.com/blog/hundreds-of-thousands-of-orgs-hacked-in-microsoft-exchange-server-zero-day-exploits-0