Lack of visibility plaguing ICS environments

2022-03-01 05:50

Dragos released its report on cyber threats facing industrial organizations, naming the emergence of three new threat groups targeting ICS/OT environments, including two that have gained access into the OT systems of industrial organizations.

Ransomware became the number-one attack vector among industrial organizations, with manufacturing as the most targeted sector representing 65%, or 211, of the ransomware cases detected at industrial organizations.

The report aims to share data-informed observations and lessons learned from within the industrial community to give asset owners and operators actionable information and recommendations to help them more fully understand cyber risks to their ICS/OT environments and strengthen their cyber readiness.

"Data from our YIR shows that cyber risk to industrial sectors is accelerating at a time when digital transformation initiatives are driving hyper connectivity, which increases risk and exposure. The real-world observations and data-backed insights in our 2021 YIR report can serve as practical, timely guidance as the industrial community strives to understand where they are exposed, what threat groups are doing, and how to build security and resiliency into their OT systems."

Three new ICS/OT activity groups have been identified-KOSTOVITE, PETROVITE, and ERYTHRITE, with KOSTOVITE and ERYTHRITE reaching Stage 2 of the ICS cyber kill chain, meaning they gained access directly into ICS/OT networks.

Limited or no OT network visibility: 86% of organizations had limited to no visibility into their ICS environment making detections, triage, and response incredibly difficult at scale.

News URL

https://www.helpnetsecurity.com/2022/03/01/cyber-threats-ics-ot/

#ICS