Critical infrastructure is increasingly targeted by cyber criminals – and while those responsible for running industrial networks know that securing operational technology (OT) and the Industrial Internet of Things (IIoT) is vital, they’re struggling, resulting in networks being left vulnerable to attacks. .
According to analysis by cybersecurity company Barracuda, 94% of industrial organizations have experienced a “security incident” during the last 12 months.
These include Distributed Denial of Service (DDoS) attacks, unauthorised remote access to networks, compromised supply chains, data theft, ransomware and more.
The attacks are impacting industrial operations – according to the research, 43% of those hit with a cyber attack had their operations affected for two days, while a further 19% said the impact lasted for three or more days. On average, it took organizations 1.84 days to resolve issues and get operations back to normal.
Almost half of those hit by cyber attacks reported feeling a moderate impact, with a large number of devices or several locations impacted. 11% of those hit said the attacks had “significant” impact, resulting in complete shutdown of all devices at all locations, while 36% said the breach resulted in minimal impact, with just a few devices affected: 5% said no impact was felt at all.
While industrial organizations appear to be aware about the importance of cybersecurity, many are struggling to adopt a full cybersecurity strategy – 96% say more investment is needed in securing IIoT and OT.
SEE: A winning strategy for cybersecurity (ZDNet special report)
72% of organizations say they have either already implemented or are in the process of implementing IIoT or OT security projects but are facing “significant challenges” including with what’s described as basic cyber hygiene.
For example, multi-factor authentication (MFA) is still rare in industrial organizations. According to the report, just 18% of companies running industrial networks require MFA for access to operational technology systems. Even in critical industries like energy, most networks do not require users to be equipped with MFA, with 47% of networks allowing users to access networks without additional authentication.
In addition to this, many organizations are slow to apply security patches, which could potentially leave them vulnerable to cyber attacks attempting to exploit known vulnerabilities which the updates could fix.
While one in five organizations say they apply updates on a daily basis and a third say they apply them weekly, almost a quarter only apply security updates once a month. Just under one in five say they only apply the updates quarterly, while one in twenty say they only do it every six months.
Organizations are worse at applying the updates when they need to be done manually, something the report suggests demonstrates the importance of ensuring that security updates are rolled out automatically.
Applying security patches is one of the key things which organizations can do to help keep their network safe from cyber attacks.
MORE ON CYBERSECURITY