The energy sector is the most targeted industry for cyber-attacks in the UK, as revealed by IBM’s X-Force Threat Intelligence report released in February of this year.
The report analysed global cyber security data between January-December 2021 and found that the sector accounted for 24% of all incidents across the UK, followed by manufacturing which received 19% of attacks. The report also revealed that the UK has become one of the top three most attacked geographies in Europe alongside Italy and Germany.
This is in part due to critical national infrastructure and manufacturing becoming increasingly targeted by cyber criminals hoping to obtain and exploit critical data. These industries have also been under significant pressures including ongoing supply chain challenges, and the energy sector facing further price caps from its regulator. These increasing pressures result in the costs to organisations of cyber security incidents trickling down to consumers, further highlighting the growing need for energy and manufacturing organisations to assess and address their cyber security vulnerabilities.
In light of the reports findings, Laurance Dine, Global Partner for X-Force Incident Response at IBM, said: “In Europe, we saw adversaries overwhelmingly exploiting unpatched vulnerabilities to infiltrate victim environments in 2021, highlighting the importance of adopting a Zero Trust approach to security. Businesses must start operating under the assumption of compromise, putting the proper controls in place to defend their environment and protect critical data.”
A factor affecting cyber security incident rates within these industries is the existing and ever-growing reliance on removable media. Removable media can serve as an attack vector and contain malicious malware in its files, which can trigger computers and machines to become infected and degrade on a large scale. This occurred in the Stuxnet incident of 2010 in which a USB caused the infection of 200,000 computers and 1,000 machines to physically degrade.
Removable media continues to be used particularly in air gapped environments, where lack of internet access makes it difficult to conduct updates and patches to systems. This challenge can be overcome by removable media as it can traverse the airgap, but at the same time brings with it the risk of malware making its way onto your network.
Removable media is being noticed by a number of industry regulators and as such many guidelines, standards and policies encourage or even make it mandatory for an organisation to demonstrate that they are making an effort to combat the threat of removable media to their environment.
How we can help protect your OT network:
SolutionsPT provide a range of removable media protection solutions which scan and sanitize your devices prior to them being plugged into your network. Our solutions can block unscanned devices from connecting to your environment and can also detect zero-day and unknown threats that may be present on your removable media. This helps in meeting policies, regulations and standards surrounding removable media use within OT and at the same time ensures removable media will not cause a cyber incident and negatively impact your operations.
For more information on how I can help your organisation with removable media protection and wider OT cyber security issues, please click my name above or click below.