A new study by DeNexus has revealed that a startling 92% of industrial sites worldwide are at risk from unsecured remote access systems, exposing them to potential losses as high as $1.5 million per location. The research into industrial cybersecurity risks looked at 254 industrial facilities across North America, Europe, and Australia, and underscores the vulnerability of critical sectors like manufacturing, renewable energy, and data centers.
Cybercriminals have exploited the industrial sector’s cybersecurity risks and vulnerabilities in numerous high-profile cyberattacks over the years. In 2021, the Colonial Pipeline ransomware attack disrupted fuel supplies across the U.S. East Coast after hackers targeted the company’s systems through poor cybersecurity controls. Earlier examples, like the 2017 Triconex Industrial Safety System attack, targeted nuclear and other critical infrastructure by manipulating safety systems. In 2015, hackers took down the Ukrainian power grid. This marked one of the first instances of a cyberattack causing widespread power outages.
The report identifies remote services as a major cybersecurity threat. Common technologies like Remote Desktop Protocol (RDP) and Virtual Private Networks (VPNs) are efficient, but cybercriminals frequently exploit them because of poor security configurations. The report also notes the role of cyber insurance in helping organizations mitigate financial risks associated with remote access vulnerabilities.
Manufacturing and Energy Sectors Among the Hardest Hit
Researchers identified the manufacturing sector as the most exposed to cybersecurity risks, averaging $875,000 in financial losses per remote access cyber incident. While less exposed, renewable energy facilities still risked average losses of $150,000. The annual expected loss across all analyzed sites related to remote services was $223,000 per facility, highlighting the economic stakes involved.
Alarming Trends in Cyberattack Techniques
Remote services represent three of the top seven methods attackers use to gain unauthorized access, according to the MITRE ATT&CK® framework for Industrial Control Systems (ICS). These include:
- Exploiting vulnerabilities in remote services.
- Using stolen credentials to infiltrate networks.
- Targeting externally accessible services like VPNs.
In 17 of the 24 most severe OT cyberattacks reviewed by Takepoint Research, remote services served as the primary attack vector, emphasizing the urgency for better safeguards.
Recommendations to Mitigate Industrial Cybersecurity Risks
To combat these threats, DeNexus recommends a suite of best practices:
- Regular Patching and Scanning: Vulnerability scans and software patches should occur at least monthly.
- Strong Authentication: Multi-factor authentication (MFA) is essential for securing remote access.
- Network Segmentation: Critical OT systems should be isolated from external networks through firewalls and demilitarized zones (DMZs).
- Just-in-Time Authorization: Access should be limited to specific times and only with prior approval.
- Password Management: Regular updates and robust policies reduce the risk of compromised credentials.
“These measures are vital for organizations looking to mitigate remote access vulnerabilities effectively,” said Jose Seara, CEO of DeNexus.