Logo Leicom ITEC AG
Spiegelung Gebäudefassaden Spiegelung Gebäudefassaden

The Evolution of Cyber Threats to Industrial Systems

27.11.2024

Previous newsletter article, week 48:

<-- Black Friday: When Cybercriminals Go Shopping

Not only consumers, but especially businesses are prime targets during Black Friday.

As the big day approaches, cybersecurity experts issue increasingly urgent warnings: the holiday season is not only a market opportunity, but also a critical time for the security of industrial infrastructure. According to the latest report from IBM X-Force Threat Intelligence, the convergence of IT and OT (Operational Technology) is creating new vulnerabilities, which are further amplified by the surge in digital activity during this time.

“The connection between IT and OT systems has become the main attack vector for the most sophisticated threats,” explains Mark Thompson, senior analyst at Dragos. Their annual report shows that 78% of OT incidents originate from IT security breaches, highlighting the growing difficulty in keeping these two domains separate.

This convergence is exploited by ransomware like BlackMatter and DarkSide, specifically designed to target industrial systems with surgical precision. These types of malware do not just encrypt data but actively manipulate operational parameters of SCADA systems, thereby endangering the physical safety of facilities. Elena Volkov, researcher at Kaspersky ICS CERT, emphasizes: “The ability to directly interfere with industrial processes marks a qualitative leap in attacker capabilities.”

Data from CISA (Cybersecurity & Infrastructure Security Agency) are telling. In 2023, DDoS attacks on SCADA systems rose by 87%, with a peak during last year’s Black Friday. According to Mandiant, the manufacturing sector suffered average losses of €2.3 million per company, a figure that includes not only the direct costs of incidents but also operational downtime and reputational damage.

In the energy sector, a study by Siemens and the Ponemon Institute revealed that over 50% of utility providers detected attempts to manipulate their SCADA systems in the past year. “The shift toward deeper digital integration in the energy sector has created new attack surfaces,” explains Maria Schmidt, Head of OT Security at Siemens.