Cyber threats facing the Industrial Sector

A new report on industrial cybersecurity has revealed three new threat groups that have been targeting the industrial sector, further indicating around half of all attacks on the industrial sector were launched by only two known cybercriminal outfits. The most affected sectors include manufacturing (211 attacks), followed by food and beverage (35), transportation (27), energy (13) and oil and gas (10).

In a recent report, Dragos disclosed details about several threat groups targeting the industrial sector – Petrovite, Kostovite and Erythrite. Kostovite and Eythrite are reported to carry out sophisticated intrusions with the aim to hijack system access and steal data. The report also revealed that LockBit 2.0 and Conti are groups that joined the scene, estimating to be behind 51% of all ransomware attacks in the industrial sectors.

Kostovite targeted a major renewable energy organisation in 2021, using a zero-day vulnerability in to obtain direct access to the firm’s infrastructure, move laterally and steal data. Petrovite was first discovered in 2019 and continually targeted mining and energy firms in Kazakhstan. Erythrite generally targets organisations in the U.S. or Canada, targeting oil and gas, electricity firms and manufacturers.

What is making hackers successful?
 

Dragos researched the general state of industrial security and stated that the OT threat mitigation is extremely difficult at scale, as 86% of engagements were found to be lacking network visibility. The industry related CVE vulnerabilities were more than doubled in 2021 compared to 2020, and around over a third of CVE advisories are having inaccurate data and errors in regards to ICS/OT – making it harder to patch emerging vulnerabilities correctly. Furthermore, around 65% of advisories for public vulnerabilities had a patch available with no alternative means of solution.

The attacks on ICS/OT systems are less about making money and more focused on data theft or causing disruption. Such attacks may cause serious outcomes for industry, and the associated nations. It is important that the industrial sector have an in-depth cybersecurity strategy to overcome and withstand such attacks.

If you would like to find out more about OT and how the current state of cybersecurity could affect your organisation, then please Click Here to speak to one of our specialists. Alternatively, existing customers can contact their Nviron Account Manager.