Cybersecurity Risks in Operational Technology: A Growing Concern

Severity: High (Score: 64.5)

Sources: Siliconrepublic, insights.integrity360.com

Summary

Operational Technology (OT) is increasingly targeted by cybercriminals and nation-state actors, with nearly 40% of OT assets connected to the internet without adequate security. By 2025, it is expected that 70% of OT systems will be integrated with IT networks, leading to a significant risk of cyber incidents. A staggering 72% of industrial cybersecurity incidents originate from the IT environment before affecting OT systems. Attackers exploit weak segmentation, unsecured remote access, and outdated legacy systems, which can result in severe consequences such as production downtime, safety risks, and environmental damage. Many organizations still treat IT and OT as separate domains, which exacerbates vulnerabilities. The need for a unified security approach is critical as the lines between IT and OT continue to blur. Integrity360 emphasizes the importance of combining IT and OT security strategies to mitigate risks effectively. Key Points: • 40% of OT assets are inadequately secured and connected to the internet. • 72% of industrial cyber incidents start in the IT environment before impacting OT systems. • A unified approach to IT and OT security is essential to prevent significant operational disruptions.

Key Entities

• Data Breach (attack_type)
• Malware (attack_type)
• Phishing (attack_type)
• Ransomware (attack_type)
• Energy (industry)
• Manufacturing (industry)
• Utilities (industry)
• T1021 - Remote Services (mitre_attack)
• T1566 - Phishing (mitre_attack)