A new report from Siemens Energy and the Ponemon Institute notes a sharp increase in IT cyberattacks. The organizations impacted often take months to recover.

Cyberattacks are traditionally targeted at IT organizations. But in recent years such attacks have sought to penetrate energy, oil & gas, and other industrial organizations (known collectively as operational technology or OT).

Reportedly, 77% of OT organizations saw a cyberattack in the last 12 months that disrupted operations or disclosed confidential information in utilities, manufacturing, and energy-related industries, according to Leo Simonovich, Vice President and Global Head of Industrial Cybersecurity for Siemens Energy.

The report, “Overexposed and Underprepared: The state of OT cybersecurity for energy and related industries,” uncovered:

• When asked to identify the top cybersecurity threats to critical operations, respondents cited malicious insiders and third-party mistakes/ Closely followed by denial of service attacks, insecure web applications, viruses and other malware, negligent insiders, insecure endpoints, watering hole attacks, and AI misuse.
• 26% of detected cybersecurity attacks on OT in the past 12 months involved one or more third party vendors or contractors.
• 46 % of respondents said it is likely that a successful cyber exploit against their company will cause a plant shutdown.

“Attackers apply the new power of generative AI to discover and exploit digital vulnerabilities,” says Simonovich. “Organizations such as manufacturing, oil and gas, electricity, utilities, and petrochemicals see frequent, often sophisticated cyberattacks against their OT systems.”