Phishing Reigns Supreme: Rockwell Automation Unveils Key Tactics in Industrial Cyberattacks
Category: Critical Infrastructure Security | Industries: Energy, Industrial, Manufacturing, Transportation | Source: Rockwell Automation
A research report from Rockwell Automation, titled "Anatomy of 100+ Cybersecurity Incidents in Industrial Operations," highlights the escalating cybersecurity challenges faced by the industrial sector. The research, carried out by the Cyentia Institute, analyzed 122 cybersecurity events aimed at operational technology (OT) and industrial control systems (ICS). Startlingly, over 60% of these attacks were masterminded by state-affiliated actors, often inadvertently aided by internal personnel, who played a part in about one-third of cases. Critical infrastructure sectors, encompassing energy, critical manufacturing, water treatment, and nuclear facilities, were primary targets. The energy sector bore the brunt, with 39% of incidents, followed distantly by critical manufacturing (11%) and transportation (10%). Phishing attacks (34%) remained the favored tactic, underscoring the need for robust cybersecurity measures such as "segmentation, air gapping, Zero Trust and security awareness training to mitigate risks," as recommended by Rockwell Automation and Cyentia. The report emphasizes the urgency for organizations to bolster the security of their IT systems, as over 80% of incidents stemmed from IT system breaches, "attributed to increasing interconnectivity across IT and OT systems and applications."
Moreover, the report reveals that Supervisory Control and Data Acquisition (SCADA) systems were targeted in more than half (53%) of the OT/ICS incidents, followed by Programmable Logic Controllers (PLCs) (22%). These attacks resulted in operational disruption (60% of incidents) and unauthorized access or data exposure (40% of incidents). Alarmingly, the broader supply chain was affected in 65% of cases. To counter these evolving threats, industrial organizations must immediately enhance their cybersecurity posture, with a focus on modernizing their OT/ICS security programs. The interconnected nature of IT and OT systems necessitates a comprehensive approach to network architecture that goes beyond conventional firewalls.