Critical infrastructure is increasingly targeted by cyber criminals – and while those responsible for running industrial networks know that securing operational technology (OT) and the Industrial Internet of Things (IIoT) is vital, they're struggling, resulting in networks being left vulnerable to attacks.
According to analysis by cybersecurity company Barracuda, 94% of industrial organisations have experienced a "security incident" during the past 12 months.
These include Distributed Denial of Service (DDoS) attacks, unauthorised remote access to networks, compromised supply chains, data theft, ransomware, and more.
SEE: A winning strategy for cybersecurity (ZDNet special report)
The attacks are impacting industrial operations – according to the research, 43% of those hit with a cyberattack had their operations affected for two days, while a further 19% said the impact lasted for three or more days. On average, it took organisations 1.84 days to resolve issues and get operations back to normal.
Almost half of those hit by cyberattacks reported feeling a moderate impact, with a large number of devices or several locations impacted. The research found 11% of those hit said the attacks had "significant" impact, resulting in complete shutdown of all devices at all locations, while 36% said the breach resulted in minimal impact, with just a few devices affected: 5% said no impact was felt at all.
While industrial organisations appear to be aware about the importance of cybersecurity, many are struggling to adopt a full cybersecurity strategy – 96% say more investment is needed in securing IIoT and OT.
Almost three-quarters (72%) of organisations say they have either already implemented or are in the process of implementing IIoT or OT security projects but are facing "significant challenges", including with what's described as basic cyber hygiene.
For example, multi-factor authentication (MFA) is still rare in industrial organisations. According to the report, just 18% of companies running industrial networks require MFA for access to operational technology systems. Even in critical industries like energy, most networks don't require users to be equipped with MFA, with 47% of networks allowing users to access networks without additional authentication.
In addition to this, many organisations are slow to apply security patches, which could potentially leave them vulnerable to cyberattacks attempting to exploit known vulnerabilities which the updates could fix.
While one in five organisations say they apply updates on a daily basis and a third say they apply them weekly, almost a quarter only apply security updates once a month. Just under one in five say they only apply the updates quarterly, while one in twenty say they only do it every six months.
Organisations are worse at applying the updates when they need to be done manually, something the report suggests demonstrates the importance of ensuring that security updates are rolled out automatically.
Applying security patches is one of the key things that organisations can do to help keep their network safe from cyber attacks.