Читать книгу Digital transformation for chiefs and owners. Volume 3. Cybersecurity - Джимшер Челидзе - Страница 8

The industry is increasingly attracting cybercriminals: the number of attacks in 2021 exceeds the results of 2017 by more than 7 times. Additionally, in 2022, about 10 percent of all successful attacks came from industry. At the same time, industrial companies, in fact, are not ready to withstand complex attacks and malware. Thus, 95% of companies either do not protect their automated process control systems (ACS TP) special solutions, or do so partially. Additionally, a systematic approach to cybersecurity management, such as vulnerability management and software component upgrades, is also lacking in 93 percent of cases. This is in view of the fact that the damage from stopping business processes can be catastrophic, including with damage and destruction of equipment, man-made disasters. Companies are easier to follow hackers and pay ransom quietly.

What saves us now is that it is simply unprofitable for intruders to study technological parameters, to understand exactly what to change, because you can simply encrypt or steal confidential data. In my view, that is a key deterrent.

The general trend is also maintained here – the attacks are becoming more complex:

– using Malicious Software (71% Successful Attacks)

– social engineering (about 50%)

– exploitation of software vulnerabilities (41%).

Malware itself was distributed through IT equipment (49% of cases) and mail (43%). Interruptions to technological and business processes occurred in 47 per cent of cases. Additionally, mainly because of data encryption and data deletion software (vampers). During 2022, the share of ciphers increased from 53% in the first quarter to 80% in the third. The share of waxers reached 7% (in 2021 it was 1—2%).

The increasing share of vulnerability exploitation in attacks suggests that these methods are economically feasible, which already indicates a low level of protection in industry. And it was in software and hardware products designed for industry that the most dangerous vulnerabilities were discovered and corrected in 2021.

Industrialists and power engineers like and are aware of all risks, but the specificity of the industry does not allow to conduct full-scale exercises with the development of practical scenarios and the identification of unacceptable events. Therefore, there are now emerging cyber-test sites where you can use virtual or augmented environments without the risk of breaking processes and equipment, conducting any exercises and assessing the consequences. One such example is the Standoff event organized by PT.

In general, in 2021, the interests of hackers in Russia by branches of industry were distributed as follows:

– 31% aerospace industry;

– 23% of public organizations;

– 23% of IT-company;

– 15% Military Industrial Complex;

– 8% fuel and energy complex.

As for PT statistics, in their projects from the first half of 2020 to the second half of 2021 they managed to implement 87% of unacceptable events.