Cybersecurity In-Depth: Digging into data about the latest attacks, threats, and trends using charts and tables.
Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems
SANS recently published its 2024 State of ICS.OT Cybersecurity report, highlighting the skills of cyber professionals working in critical infrastructure, budget estimates, and emerging technologies. The report also looked at the most common types of attack vectors used against ICT/OT networks.
November 6, 2024
Attacks against industrial control systems and operations technology systems are increasing, as adversaries find weaknesses in IT networks that allows them to move into OT networks, according to a recent report from SANS.
The State of ICS/OT Cybersecurity 2024 report from SANS is based on responses from cybersecurity professionals in various critical infrastructure sectors. There were more non-ransomware incidents (74.4%) reported than ransomware (11.7%) over the past year, according to the SANS report.
Other initial attack vectors involved in OT/ICS incidents include compromising OT and industrial control systems by used of external remote services (23.7%) or internet-accessible devices (23.7%); compromising employee workstations (20.3%) and removable media (20.3%); and a supply chain compromise (20.3%). It's worth noting that 18.6% respondents said attackers attempted spear phishing with an email attachment for the initial compromise.
One out of five, of 19%, of respondents reported one or more security incidents over the past year.
While only 12% of respondents reported being the targets of ransomware attacks in the past 12 months, the impact on the ICS/OT environment remains "potentially catastrophic," SANS said in the report. Of the organizations who reported a ransomware incident, 38% said only IT network systems were impacted and 28.6% said OT and ICS networks were affected. Just 21% said both networks were impacted. More than a third, or 38.1%, said reliabiiy and safety was compromised during those attacks.
"Although the overall trend [ransomware] seems to have decreased, the impacts are still potentially catastrophic, and should be considered for all ICS/OT- specific incident response programs," SANS said.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024