Cyber-attacks against industrial organisations on the rise: IBM and Kaspersky studies on the state of ICS security

A guest post from the ICS cyber security blog:

Cyber attacks against industrial organizations are on the rise: IBM and Kaspersky studies on the state of ICS security

May 08, 2021 – icscybersec

IBM (and its security research team known as X-Force) are not often mentioned in connection with ICS cybersecurity, even though they are a fundamentally good and experienced group. In their annual Threat Intelligence Index, published back at the end of March, what’s really interesting to us now is that, based on the research data they uncovered, of the top three sectors (those most targeted by cyber attacks in 2020), two (the second and third, the first still being the financial sector) are industrial. Manufacturing companies came in second, and the energy sector, the alpha and omega of national critical infrastructure, came in third.

A significant proportion of the attacks on manufacturing companies were ransomware attacks, which in many cases caused long or short outages in production management and inventory control systems, with significant losses.

Just over a third (35%) of attacks in the energy sector were data theft attempts, with ransomware accounting for “only” 6%.

Similar trends can be seen in Kaspersky’s 2020 ICS Security Summary covering the second half of the year, which reports an increase in ransomware attacks against ICS systems and equipment in individual countries.

The summaries cited fit perfectly with other similar publications and show that industrial organisations and their ICS systems are facing increasing cybersecurity risks, which these organisations need to respond to effectively and quickly. This will not happen without unprecedented and effective collaboration between IT and OT disciplines – but it will not happen, or will happen painfully slowly, if organisations try to build collaboration from the bottom up, initiated by IT and OT engineers, and if corporate management does not (also) take the lead.


The original guest post was published on the ICS cyber security blog.

Translated by DeepL.