Image Courtesy: Data Quest
According to Gartner, Inc., cyber attackers are expected to weaponize operational technology (OT) settings by 2025 in order to successfully injure or kill humans. Attackers are increasingly concentrating their efforts on operational technology, which comprises hardware and software that monitors or controls equipment, assets, and processes.
They have also progressed beyond immediate process disruption, such as plant shutdown, to undermining the integrity of industrial settings with the goal to cause bodily injury, according to Gartner.
The Colonial Pipeline ransomware assault is one of the most recent major security incidents. On April 7, 2021, the Colonial Pipeline, an American oil pipeline system originating in Houston, Texas, was hit by a major ransomware assault. According to sources, the pipeline transports gasoline and jet fuel primarily to the Southeastern United States, accounting for approximately 45 percent of the East Coast’s fuel. To obtain the attack that had disrupted computerised equipment operating the pipeline, the firm had to shut down all pipeline operations for over a week.
The attack emphasised the importance of adequately separated networks for IT and OT. “In operational contexts, security and risk management executives should be more concerned with real-world threats to humans and the environment than with information theft,” said Wam Voster, senior research director at Gartner.
“Inquiries with Gartner clients show that companies in asset-intensive industries such as manufacturing, resources, and utilities struggle to design adequate control frameworks,” Voster added. According to Gartner, the three major motives for security incidents in OT and other cyber-physical systems (CPS) are real harm, commercial vandalism (lower production), and reputational vandalism (making a manufacturer untrusted or unreliable).
It is estimated that the financial effect of CPS assaults that end in fatalities would exceed $50 billion by 2023. “Even without considering the worth of human life, the costs for companies in terms of compensation, litigation, insurance, regulatory fines, and reputation loss would be considerable,” the report stated. According to Gartner, most CEOs will be held personally accountable for such occurrences.