[PRNewswire] New Research Finds Cyberattacks Against Core Infrastructure up
전체 맥락을 이해하기 위해서는 본문 보기를 권장합니다.
"Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents," said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. "Anticipating that stricter regulations and standards for reporting cybersecurity attacks will become commonplace, the market can expect to gain invaluable insights regarding the nature and severity of attacks and the defenses necessary to prevent them in the future."
이 보도자료는 자료 제공사에서 제공한 것으로, 연합뉴스는 내용에 대해 어떠한 편집도 하지 않았으며, 연합뉴스의 편집방향과는 무관함을 밝혀 드립니다.
이 글자크기로 변경됩니다.
(예시) 가장 빠른 뉴스가 있고 다양한 정보, 쌍방향 소통이 숨쉬는 다음뉴스를 만나보세요. 다음뉴스는 국내외 주요이슈와 실시간 속보, 문화생활 및 다양한 분야의 뉴스를 입체적으로 전달하고 있습니다.
-- State-affiliated Groups Responsible for nearly 60%
-- 60% of incidents result in operational disruption, driving the need for proactive OT defenses and incident response
SINGAPORE, Sept. 20, 2023 /PRNewswire=연합뉴스/ -- Rockwell Automation [https://www.rockwellautomation.com/en-us.html ], Inc. (NYSE: ROK), the world's largest company dedicated to industrial automation and digital transformation, today announced the findings of its report "Anatomy of 100+ Cybersecurity Incidents in Industrial Operations [https://www.rockwellautomation.com/en-us/campaigns/cyentiareport.html ]." The global study conducted by Cyentia Institute analyzed 122 cybersecurity events that included a direct compromise of operational technology (OT) and/or industrial control system (ICS) operations, collecting and reviewing nearly 100 data points for each incident.
The first edition of the report finds nearly 60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time). This corroborates other industry research showing OT/ICS security incidents are increasing in volume and frequency, and are targeting critical infrastructure, such as energy producers.
"Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents," said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. "Anticipating that stricter regulations and standards for reporting cybersecurity attacks will become commonplace, the market can expect to gain invaluable insights regarding the nature and severity of attacks and the defenses necessary to prevent them in the future."
Based on incidents analyzed, key findings include:
- OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.
- Threat actors are most intensely focused on the energy sector (39% of attacks) ? over three times more than the next most frequently attacked verticals, critical manufacturing (11%) and transportation (10%).
- Phishing remains the most popular attack technique (34%), underscoring the importance of cybersecurity tactics such as segmentation, air gapping, Zero Trust and security awareness training to mitigate risks.
- In more than half of OT/ICS incidents, Supervisory Control and Data Acquisition (SCADA) systems are targeted (53%), with Programmable Logic Controllers (PLCs) as the next-most-common target (22%).
- More than 80% of threat actors come from outside organizations, yet insiders play an unintentional role in opening the door for threat actors in approximately one-third of incidents.
In the OT/ICS incidents studied, 60% resulted in operational disruption and 40% resulted in unauthorized access or data exposure. However, the damage of cyberattacks extends beyond the impacted enterprise, as broader supply chains were also impacted 65% of the time.
The research indicates strengthening the security of IT systems is crucial to combatting cyberattacks on critical infrastructure and manufacturing facilities. More than 80% of the OT/ICS incidents analyzed started with an IT system compromise, attributed to increasing interconnectivity across IT and OT systems and applications. The IT network enables communication between OT networks and the outside world and acts as an entryway for OT threat actors. Deploying proper network architecture is critical to strengthening an organization's cybersecurity defenses. It is no longer enough to simply implement a firewall between IT and OT environments. Because networks and devices are connected daily into OT/ICS environments, this exposes equipment in most industrial environments to sophisticated adversaries. Having a strong, modern OT/ICS security program must be a part of every industrial organization's responsibility to maintain safe, secure operations and availability.
"The dramatic spike in OT and ICS cybersecurity incidents calls for organizations to take immediate action to improve their cybersecurity posture or they risk becoming the next victim of a breach," said Sid Snitkin, vice president, Cybersecurity Advisory Services, ARC Advisory Group. "The threat landscape for industrial organizations is constantly evolving, and the cost of a breach can be devastating to organizations and critical infrastructure. The report's findings underscore the urgent need for organizations to implement more sophisticated cybersecurity strategies."
The full findings of the report can be found here [https://www.rockwellautomation.com/en-us/campaigns/cyentiareport.html ].
Methodology
For this report, Rockwell Automation commissioned the Cyentia Institute to analyze data from 122 cybersecurity events across the globe, which occurred from 1982-2022. The Cyentia Institute's team collected and analyzed nearly 100 data points surrounding individual incidents involving the direct compromise or disruption of OT/ICS systems. The resulting report was developed to share instructive insights about actual OT/ICS cybersecurity attack activity.
About Rockwell Automation
Rockwell Automation, Inc. (NYSE: ROK) is a global leader in industrial automation and secure digital transformation. We connect the imaginations of people with the potential of technology to expand what is humanly possible, making the world more productive and more sustainable. Headquartered in Milwaukee, Wisconsin, Rockwell Automation employs approximately 28,000 problem solvers dedicated to our customers in more than 100 countries. To learn more about how we are bringing the Connected Enterprise® to life across industrial enterprises, visit www.rockwellautomation.com.
About the Cyentia Institute
The Cyentia Institute is a research and data science firm dedicated to the mission of advancing knowledge in the cybersecurity industry. We accomplish this by partnering with a variety of organizations to perform comprehensive data analysis and publish high-quality, data-driven research.
To learn more, contact us [https://www.cyentia.com/contact/ ].
Source: Rockwell Automation
[편집자 주] 이 보도자료는 자료 제공사에서 제공한 것으로, 연합뉴스는 내용에 대해 어떠한 편집도 하지 않았으며, 연합뉴스의 편집방향과는 무관함을 밝혀 드립니다.
(끝)
출처 : PRNewswire 보도자료
Copyright © 연합뉴스 보도자료. 무단전재 및 재배포 금지.
- 윤 대통령 21일 탄핵심판 직접 출석…역대 대통령 처음(종합) | 연합뉴스
- 공수처 "尹 거부로 오후9시 강제구인 중지…다시 시도 예정" | 연합뉴스
- 경찰, 안가 CCTV 압수수색 불발…경호처가 또 불응(종합2보) | 연합뉴스
- 대법관회의 "법원 공격은 법치주의 부정…매우 중대한 범죄" | 연합뉴스
- [속보] 트럼프, 기립박수 속 美의회 중앙홀 입장…곧 취임 선서 | 연합뉴스
- '경찰관 폭행' 尹지지자 2명 구속…폭행 경미 3명은 영장 기각 | 연합뉴스
- 수도권·충남에 21일 올겨울 첫 미세먼지 비상저감조치 | 연합뉴스
- [트럼프 취임] "트럼프, 첫날 에너지·국경 비상사태 선포 행정명령" | 연합뉴스
- 법무부 "반인권적 시효 특례법, 재의요구 건의 적극 검토" | 연합뉴스
- 日지식인들 "日, 한일기본조약 해석서 식민지배 정당화…바꿔야" | 연합뉴스