On September 19, 2023, Rockwell Automation, world leader in industrial automation, published a report titled “Anatomy of 100+ Cybersecurity Incidents in Industrial Operations”. In the report, the Cyentia Institute analyzes 122 intrusions that triggered a direct compromise of OT and/or ICS processes, throughout the world.
The report finds nearly 60% of cyberattacks against the industrial sector are led by state-affiliated actors, and frequently target critical infrastructure. The most targeted sector is energy, with 39% of attacks, in front of critical manufacturing (11%) and transportation (10%). Fifty-three percent of attacks target SCADA systems and 22%, PLCs (used in the automated management of industrial power grid control systems).
A third of the attacks occur after manual activation by an employee. Phishing is the most common intrusion method (34% of cases). In order to address these weaknesses, Rockwell calls for a more widespread rollout of segmentation, insulation through air gapping, and zero trust access points. The other priority is raising awareness among industrial teams in regard to digital hygiene and cybersecurity.
Mark Cristiano, Commercial Director of Global Cybersecurity Services at Rockwell Automation, believes the report provides manufacturers with “precious information concerning the nature and seriousness of cyberattacks, as well as the defensive measures needed to prevent them,” pending “stricter regulations and standards in terms of cyberattack reporting”.