The global site of the UK's leading magazine for automation, motion engineering and power transmission
18 May, 2024

Twitter link

Cyberattacks soar to 13 per second – with OT a key target

31 January, 2024

There were more than 420 million cyberattacks on the world’s critical infrastructure last year – equivalent to 13 attacks every second, and a 30% increase on 2022 – according to a new report by the cyber-research organisation, Forescout Research.

The report, 2023 Global Threat Roundup, analyses attacks on sectors including manufacturing, power, communications, waste and transportation.

It finds that OT (operational technology) systems are “under relentless assault”, with industrial automation installations accounting to 71% of these attacks, followed by power grids on 28%, and building automation systems on 1%.

Five protocols bear the brunt of the attacks, with Modbus subject to a “staggering” 33% of all attacks, followed by Ethernet/IP, Step7 and DNP3, each accounting for around 18% of the onslaught. IEC10X accounts for 10% of attacks, with the remaining 2% being distributed among other protocols, the largest of which is the building control protocol BACnet.

The report finds that 163 countries suffered cyberattacks last year with the US being the main target, with 168 malicious actors setting their sights on the nation. In second place was the UK, targeted by 88 actors, followed by Germany (77), India (72) and Japan (66).

Nearly half of the attackers came from just three countries: China (with 155 attackers), Russia (88) and Iran (45).

Although there fewer attacks on software libraries last year, Forescout reports a surge in exploits that target network infrastructures and Internet of Things (IoT) devices. The most common IoT targets included IP cameras, building automation systems, and network-attached storage.

Modbus accounts for a third of attacks on OT systems
Source: Forescout Research

The report finds that only 35% of exploited vulnerabilities appear the Known Exploited Vulnerabilities (KEV) list compiled by the US government’s Cybersecurity and Infrastructure Security Agency, CISA. Forescout says that this emphasises the need for a proactive and comprehensive approach to cybersecurity that transcends reliance on known vulnerability databases.

Despite the challenges posed by the surge in cyber-attacks, Elisa Costante, Forescout’s vice-president of research at Forescout Research, is optimistic about the future.

“While it's true that current efforts have fallen short in fully harnessing crucial technology to fortify critical assets and assess risks, there is an opportunity for improvement,” she says. “The key lies in achieving comprehensive visibility, ensuring real-time contextual awareness of every device, whether managed or unmanaged.

“By doing so,’” she adds, “large enterprises can transition from a reactive defence posture to a more proactive approach, steering clear of the futile game of security whack-a-mole. This shift towards enhanced visibility and proactive defence strategies signals a brighter outlook for critical infrastructure.”

Forescout ResearchX  LinkedIn  Facebook

  • To view a digital copy of the latest issue of Drives & Controls, click here.

    To visit the digital library of past issues, click here

    To subscribe to the magazine, click here



"Do you think that robots create or destroy jobs?"



Most Read Articles