A staggering $329 billion is at risk globally because of poor cybersecurity around operational technology (OT) systems, which control facilities such as manufacturing plants and energy storage, according to the cybersecurity company Dragos.
The days are long gone when OT systems were protected from online attackers by an air gap, effectively a digital moat across which all data had to be transferred manually. Today OT systems are linked to internet-connected IT systems to facilitate communication and increase efficiency. But organisations relying on OT systems are now finding that they must pay too high a price for these gains.
“The OT threat landscape has undergone significant transformation in the past decade. …Cyber criminals, hacktivists, and government adversaries are all applying advanced techniques against OT assets to orchestrate cyber-attacks and other disruptive activities that can disrupt or damage industrial operations,” warns Dragos.
The need for caution raises costs
A significant part of the huge cost of trying to secure OT systems comes from the need for caution, particularly in critical infrastructure such as energy, water and even nuclear facilities, where a suspected compromise can force a precautionary shutdown.
“Much of this risk comes from indirect effects to OT networks and operations, either by affecting supporting systems or through abundance of caution shutdowns. The complexities of interconnected OT systems can often introduce compounding aggregate risk in these environments,” says Dragos.
Although the problem is global, the US and Europe record the highest number of OT events. The likelihood is that these are the regions with the most sophisticated and, therefore, the most complex and exposed technologies. They are also the most likely targets for highly organised cybercriminal groups and for politically motivated hackers from potentially hostile nation states.
According to Dragos, manufacturing is the sector most likely to be breached. Manufacturers in the US and Europe therefore urgently need to secure these systems. The steps should include: formulating an incident response plan that can be executed in real time; designing a defensible system architecture; establishing visibility across the entire network; and continuously monitoring the events taking place on it.