Critical infrastructure is increasingly the target of cybercriminals – and while those responsible for operating industrial networks know that securing operational technology (OT) and the industrial internet of things (IIoT) is vital, they find it difficult to manage all this. This results in networks being left vulnerable to attacks.
According to an analysis by cybersecurity firm Barracuda, 94% of industrial organizations have experienced a “security incident” in the past 12 months.
These include Distributed Denial of Service (DDoS) attacks, unauthorized remote access to networks, compromised supply chains, data theft, ransomware, and more.
Attacks impact industrial operations
Attacks impact industrial operations – according to the study, 43% of businesses affected by a cyberattack had their operations affected for two days, while 19% said the impact lasted three days or more. On average, organizations took 1.84 days to resolve issues and restore operations.
Nearly half of businesses affected by cyberattacks said they felt a moderate impact, with a large number of devices or multiple sites affected. 11% of impacted businesses say the attacks had a “significant” impact, resulting in the complete shutdown of all devices across all sites, while 36% believe the breach had minimal impact, with only few affected devices. For 5% of the companies surveyed, no impact was felt.
While industrial companies seem aware of the importance of cybersecurity, many of them struggle to adopt a comprehensive cybersecurity strategy. However, 96% of them believe that more investment is needed in securing the IIoT and OT.
Multi-factor authentication is still rare in industrial organizations
72% of organizations have already implemented or are in the process of implementing IIoT or OT security projects, but they say they face “significant challenges”, especially with regard to what is described as cyber hygiene of the base.
For example, multi-factor authentication (MFA) is still rare in industrial organizations. According to the report, only 18% of enterprises operating industrial networks require MFA for access to operational technology (OT) systems. Even in critical industries like energy, most networks do not require users to be equipped with MFA, with 47% of networks allowing users to access networks without additional authentication.
Additionally, many organizations are late in applying security patches, making them potentially vulnerable to cyberattacks that try to exploit known vulnerabilities that updates could fix.
Organizations are less good at applying updates when they have to do it manually
While one in five organizations say they apply updates daily and a third apply them weekly, nearly a quarter only apply security updates once a month. Just under one in five organizations say they only apply updates quarterly, while one in twenty say they only do so every six months.
Organizations are less good at applying updates when they have to do it manually, which the report says demonstrates the importance of ensuring that security updates are deployed automatically.
Applying security patches is one of the main steps businesses can take to protect their network from cyberattacks.
Source: ZDNet.com