Report highlights surge in cyberattacks on operational technology

A recent report from Fortinet has highlighted a substantial rise in cyberattacks targeting operational technology (OT) systems, raising concerns for organisations globally about the need to enhance cybersecurity measures. The 2024 State of Operational Technology and Cybersecurity Report indicates that 73 per cent of organisations experienced an intrusion impacting either OT systems alone or both OT and IT systems, marking a significant increase from 49 per cent the previous year.

John Maddison, chief marketing officer at Fortinet, elaborated on the significance of these findings. "Fortinet’s 2024 State of Operational Technology and Cybersecurity Report shows that while operational technology organisations are making progress in strengthening their security posture, teams still face significant challenges in securing converged information technology/operational technology environments. Adopting essential tools and capabilities to enhance visibility and protections across the entire network will be vital for these organisations when it comes to reducing the mean time to detection and response and ultimately reduce the overall risk of these environments."

Notably, nearly one-third of respondents reported experiencing more than six intrusions within the past year, a steep increase from 11 per cent in the previous year's survey. This uptick in breaches includes the most common types of intrusions such as phishing and compromised business emails, with techniques like mobile security breaches and web compromise being the predominant methods utilised by threat actors.

The report also highlights a troubling decline in the ability of organisations to maintain comprehensive visibility over their OT environments. Only five per cent of respondents claimed to have complete visibility, a drop from 10 per cent the previous year. However, there was an increase in the number of respondents reporting 75 per cent visibility, indicating progress towards a more realistic understanding of their cybersecurity posture.

“As threats grow more sophisticated, the report suggests that most organisations still have blind spots in their environment,” the report notes. The survey data revealed that more than half of the respondents (56 per cent) experienced ransomware or wiper intrusions, which is an increase from 32 per cent the year before, further underscoring the need for enhanced network visibility and detection capabilities.

Fortinet's findings also suggest that responsibility for OT cybersecurity is becoming increasingly prominent within executive leadership teams. There has been a noticeable shift in aligning OT security with the role of the Chief Information Security Officer (CISO), which has grown from 17 per cent to 27 per cent. Additionally, there is an increasing trend towards assigning OT responsibility to other C-suite executives such as Chief Information Officers (CIO), Chief Technology Officers (CTO), and Chief Operating Officers (COO), with expectations for this alignment to reach upwards of 60 per cent within the next 12 months.

To tackle these cybersecurity challenges, the report outlines several best practices for organisations. These include deploying segmentation to create network zones with strong policy controls, establishing comprehensive visibility and compensating controls for OT assets, integrating OT into security operations and incident response plans, and embracing OT-specific threat intelligence and security services. A platform-based approach to overall security architecture is also recommended to simplify and consolidate the cybersecurity infrastructure.