Do you know what businesses have been the most targeted for hackers in 2020? If you said Industrial Businesses, you were right. Just behind the financial services that top the ranking, were the industrial sector, becoming the top risk sector of 2020 so far.
Industrial companies attract hackers because of their size, the importance of business processes, and their impact on the world and people’s lives. According to the report, the main threats to industrial companies come from espionage and financial losses.
Hackers have mastered their skills because of the covid-19 lockdown, and have broadened their limits, attacking industries where they haven’t put their eyes before. For example, through the years, banking has been at the top because everything is digital, and the more digital, the more danger is. But now, as industries take their system into the digital way, they’re in danger.
The main threats for industrial companies are espionage and financial losses. Thus, in 2020, hackers were mostly motivated by data theft (84% of cases), while financial gain was the aim of 36 percent of criminals.
Once criminals have obtained access to ICS components, they can shut down entire production lines, cause equipment to fail, or incidents that could cause serious harm.
Olga Zinenko, a senior analyst at Positive Technologies, says, “Today, the level of cybersecurity at most industrial companies is too low for comfort. In most cases, Internet-accessible external network perimeters contain weak protection, device configurations contain flaws, and we find a low level of ICS network security and the use of dictionary passwords and outdated software versions present risks.”
The report reveals that, once inside the internal network, attackers can steal user credentials and obtain full control over the infrastructure in 100 percent of cases. At 69 percent of companies, they can steal sensitive data, including information about partners and company employees, email correspondence, and internal documentation.”
But worrying is that at 75 percent of industrial companies Positive Technologies specialists managed to gain access to the technological segment of the network, which allowed them to then access actual industrial control systems in 56 percent of cases.
Security assessments conducted in 2020 revealed that in 91 percent of industrial organizations, an external attacker can penetrate the corporate network. Once inside the internal network, attackers can obtain user credentials and full control over the infrastructure in 100 percent of cases, and in 69 percent of cases they can steal sensitive data, including information about partners and company employees, email correspondence, and internal documentation.
But most importantly, at 75 percent of industrial companies Based on the results of 12 internal and external security assessments of corporate information systems conducted in 2017–2020, the goal of which was to gain access to industrial networks. our experts managed to gain access to the technological segment of the network. This allowed criminals to obtain access to industrial control systems in 56 percent of cases.