DBIR Finds Attacks on Critical Infrastructure a Growing Concern
by Stefanie Scott
Cyberespionage and threats to critical infrastructure are a growing concern in the constantly evolving security industry.
Critical infrastructure spans everything from power plants, pipelines and telecommunications networks to manufacturing plants and traffic light systems. An attack on an energy or utility company can not only interrupt basic services to customers but also can have a disruptive impact on society at large and the delivery of basic services to consumers.
Verizon has studied the cyberthreat landscape for years and views cyberespionage as an emerging and growing threat.
“Financial crimes and hactivism are a constant concern, but they’re not the only game in town. Based on our data, cyberespionage is making its mark on the security landscape,” said Bryan Sartin, director of the RISK team at Verizon Enterprise Solutions and co-author of the Verizon Data Breach Investigations Report. “A large portion of the cyberespionage attacks we are seeing are on critical infrastructure. Energy, utilities, manufacturing, transportation and public sector organizations are now beginning to feel the effect.”
The 2013 Verizon Data Breach Investigations Report (DBIR) released earlier this year found cyberespionage was 20 percent of the overall 47,000 incidents included in the study – a marked increase from previous years. In fact, espionage amounted to just 3 percent or less in the 2011 and 2012 data breach reports.
“The espionage threat is real and on the radar,’’ Sartin said. “We are seeing more criminal motivations right now than ever before and more variability in the cyberthreat landscape. Espionage brings with it new adversaries with different motives, tools, tactics, entry points, and — of course — different victims.”
With more than 800,000 route miles of network around the globe, Verizon often sits between the attackers and the victims of cyber attacks. The company has the ability to detect many attacks as they occur and collect intelligence to help protect and notify our customers.
With critical infrastructure attacks, it’s not as much about money as it is about intelligence-gathering and obtaining leverage for economic or military purposes. Rather than target information technology (IT) systems, a critical infrastructure attack is often on the operational technologies (OT) that underlie operations. For example, in the case of an energy company, the attack might be on the industrial control systems that mediate power generation.
Verizon works closely with its clients to develop strategies to protect physical assets and data and recommends organizations operate under the assumption that they will suffer a security breach and take steps to prevent it.
For ongoing insight and analysis from some of the world’s most distinguished security researchers, read the Verizon Security Blog at securityblog.verizonbusiness.com.