The global site of the UK's leading magazine for automation, motion engineering and power transmission
20 April, 2024

Twitter link

Staff blamed for more than half of ICS cyber-incidents

11 September, 2019

More than half of all cybersecurity incidents involving industrial networks last year were caused by errors or unintentional actions by company employees, according to a new survey of 282 industrial organisations around the world. A report based on the survey blames this phenomenon on the growing complexity of industrial infrastructures, a shortage of professionals who understand how to detect threats, and low levels of awareness among employees.

The study was carried out by ARC Advisory Group on behalf of the cybersecurity company, Kaspersky. Six-out-of-ten (59%) of the companies surveyed reported that they had experienced cyber-incidents in the past 12 months – an increase from 49% in the previous year. Most of the incidents were in the form of conventional malware/virus attacks (81%), followed by targeted attacks (52%) and ransomware demands (48%). 

The report – called State of Industrial Cybersecurity 2019  – suggests that that the increased use of intrusion detection systems may be exposing more cyber-incidents than were visible in the past.

Around 70% of companies surveyed regard future attacks on their OT/ICS (operational technology / industrial control system) infrastructures as being likely. Their biggest concern about ICS attacks is potential injury or death of employees (cited by 78%), followed by damage to products and service quality (77%) and the loss of customer confidence (63%).

Ransomware attacks have overtaken malware or viruses to become the biggest cyber-worry for companies. Those surveyed cited targeted attacks – also known as APTs (advanced persistent threats) – as their third-biggest concern. The report says that the nature of cyberattacks is changing from undirected attacks to targeted attacks that expose companies to the loss or manipulation of control.

The report gives the example of a metallurgy company that had to shut down for a week earlier this year following a ransomware attack. Its production downtime and system backup costs amounted to more than €50m.

According to the report, digitalisation of industrial networks and the adoption of Industry 4.0 are a priority for many industrial companies, with 81% of the organisations surveyed saying they that regard network digitalisation as an important or very important task for this year. Almost half (41%) of the companies surveyed say they are ready to connect their OT/ICS networks to the cloud.

“The growing interconnection between IIoT edge devices and cloud services continues to stand as a security challenge,” says Dr Jesus Molina, who chairs the International Internet Consortium’s Security Working Group, and is director of business development at Waterfall Security Solutions. “It was a major driver for the creation of the IIC Industrial Internet of Things Security Framework as well as the subsequent best practices documents and recent IoT Security Maturity Model.”

Measures that companies have implemented, or plan to implement, to provide ICS cyber-security
Source: Kaspersky

Awareness of cybersecurity issues is high among the companies surveyed with most of them (87%) reporting that OT/ICS cybersecurity is becoming a top priority for them. However, only just over half (57%) have allocated budgets for industrial cybersecurity protective measures and for the professionals implement them effectively.

The organisations not only lack the cybersecurity experts with the right skills to protect their industrial networks, but they are also are worried that their OT/ICS network operators are not fully aware of behaviours that can lead to cybersecurity breaches. These are the companies’ top two concerns relating to cybersecurity management, and correlate with why so many ICS incidents can be attributed to employees allowing malware infections to occur or letting through targeted attacks.

In almost half of the companies surveyed (45%), staff responsible for the security of IT infrastructures also oversee the security of OT/ ICS networks. Although operational and corporate networks are becoming increasingly connected, OT and ICS specialists often have different approaches and goals when it comes to cybersecurity.

“This year's study shows that companies are seeking to improve protection for industrial networks,” says Kaspersky Industrial Cybersecurity’s brand manager, Georgy Shebuldaev. “However, this can only be achieved if they address the risks related to the lack of qualified staff and employee errors. Taking a comprehensive, multi-layered approach that combines technical protection with regular training of IT security specialists and industrial network operators, will ensure networks remain protected from threats and skills stay up to date.”

  • To view a digital copy of the latest issue of Drives & Controls, click here.

    To visit the digital library of past issues, click here

    To subscribe to the magazine, click here



"Do you think that robots create or destroy jobs?"



Most Read Articles