Cyber-physical systems (CPS), such as operational technology (OT), the Internet of Things (IoT), building management systems (BMS) and connected media devices, have now become a prime target for ransomware attacks.
According to security firm Claroty, cyber-physical attacks are now placing significant financial strain on organizations in several key sectors. Almost half of the respondents to an independent survey commissioned by Claroty, 45 percent, report financial losses of $500,000 or more over the last 12 months from cyber-attacks affecting CPS. Over a quarter, 27 percent, report losses of $1 million or more.
“The most financially impacted sectors are chemical manufacturing, power and energy, and mining and materials, with 54-55 percent of respondents in each sector reporting more than $500,000 in losses from incidents in the last 12 months,” says the report, The Global State of CPS Security 2024.
This problem is particularly severe in the healthcare sector, with 78 percent of respondents reporting ransom payments over $500,000, as ransomware and extortion-based attacks on hospitals and clinical environments continue unabated.
Nearly half of respondents globally, 49 percent, also experienced over 12 hours of operational downtime resulting from a cyberattack in the last year. A third reported at least a full day of downtime. Roughly half of respondents, 49 percent, said that the recovery time after an attack was a week or more.
Growing problem of remote access and supply chains
“The most common cybersecurity impacts are process manipulation (selected by 38 percent of respondents) and process disruption (37 percent), which go hand-in-hand with operational downtime,” says the report.
Claroty identifies the growing challenge of remote access and insecure supply chains as a chief underlying problem. A total of 45 percent of respondents said at least half of their organization’s CPS assets are connected to the internet, as increased connectivity and convergence are exacerbating the need for remote access to CPS.
Just over 80 percent of respondents said that at least one cyber-attack in the past 12 months originated from third-party supplier access to the CPS environment, with 45 percent reporting five or more attacks. Almost two-thirds, 63 percent, admit to having only partial or no understanding of third-party connectivity to the CPS environment.