Ransomware attacks acute in Saudi Arabia: KPMG
INDUSTRIAL NEWS
The frequency of cyberattacks on industrial operations has increased in recent years, with ransomware attacks particularly acute in Saudi Arabia, according to KPMG's latest publication on Industrial cyber defence.
The estimated costs of these ransomware attacks have skyrocketed — climbing from $8 billion in 2018 to $11.5 billion in 2019 and hitting $20 billion in 2020.
The cybersecurity threat to industrial operations has rapidly evolved and expanded over the last year. This is due to several factors, including a shift to more engineering and maintenance remote activities, more remote operation work on production lines and incomplete digitalisation efforts.
"Despite the growing threat and public pressure, organisations remain unprepared. Organisations may be facing a paradox of choice. The cybersecurity industry includes myriad services, many of which are relatively new and sometimes untested. Confounded by choices, many organisations end up unprotected," commented Hossain Alshedoki, IT/OT Cybersecurity ENR Lead, KPMG in Saudi Arabia.
Over time, ransomware attacks have become more sophisticated and have changed to achieve their ends by different methods. Additionally, these attacks have increasingly targeted the Industrial Control System (ICS) environments such as oil and gas, and manufacturing.
Ransomware attacks on operational technology (OT) networks soared fivefold from 2018 to 2020. Out of these, manufacturing entities comprised over one-third of confirmed ransomware attacks on industrial organisations, followed by utilities.
Furthermore, a study by (CS)²AI and KPMG, the Control System Cyber Security Survey 2020 indicated that 10 to 20 percent of respondents did not know whether these components (PLCs, IEDs, RTUs, HMI, Servers, Workstations and Historian) were remotely accessible.
Given the current threat landscape, organisations need to take action today and be better prepared for the evolving threat. Consequently, cyber PHAs - a risk mitigation methodology that helps facilitate a holistic cyber PHA exercise - should resultingly evolve along with the evolving nature of industrial cybercrime.
"Risk assessment teams must be aware of the changing threat landscape and update their work processes and templates in line with those changes. Cyber PHAs should link realistic threat scenarios – that consider new kinds of industrial cyberattacks – with known vulnerabilities and existing countermeasures," said Alshedoki.
A cyber PHA, typically performed in phases, is scalable and can be applied to individual systems or entire facilities or enterprises. While the benefits of cyber PHA are numerous, the most obvious benefit is system security.
A cyber PHA methodology, when implemented correctly, instills practices throughout an industrial system that will prevent most cyberattacks, Alshedoki stated.
"Cyber PHA benefits an organisation's broader business practices. Applying a cyber PHA methodology documents an organisation's business processes and requires the creation of integrated information security policies, procedures, standards, and controls used within an organisation," he concluded.
-- TradeArabia News Service
