Rising Cyber Threats Targeting Industrial Control Systems

Severity: High (Score: 75.0)

Sources: www.enisa.europa.eu, kpmg.com, Industrialcyber.Co, Themanufacturer

Summary

The cybersecurity landscape for industrial control systems is increasingly perilous, with a reported 87% rise in attacks against industrial control infrastructure year-over-year. Organizations are facing a convergence of IT and operational technology (OT) risks, as traditional perimeter defenses become obsolete. The National Cyber Security Centre (NCSC) has warned of a 'perfect storm' of rising threats, including nation-state activity and advanced AI exploitation. Nearly 21% of companies experience OT cyber attacks annually, with 40% of those leading to significant business disruptions. Despite improved detection strategies, many organizations struggle with poor visibility and lengthy recovery times, with 20% requiring over a month to resume operations post-incident. The vulnerabilities in industrial control devices remain high, with 78% containing unfixable flaws. This situation necessitates a shift towards cyber-physical resilience, focusing on the integrity of industrial processes rather than solely perimeter defenses. Key Points: • 87% increase in attacks on industrial control systems reported year-over-year. • 21% of companies face annual OT cyber attacks, with 40% causing business disruptions. • 78% of industrial control devices have vulnerabilities that cannot be fixed.

Key Entities

• Supply Chain Attack (attack_type)
• Malaysia (country)
• Ukraine (country)
• Energy (industry)
• Manufacturing (industry)
• Stuxnet (malware)
• T1021 - Remote Services (mitre_attack)
• Mythos (tool)