Having doubled in the last 4 years, the cyber attacks aimed at industry organizations Energy and Utilities. E in the first quarter of 2023, half of the attacks hit Europe. Emerge dal Rapporto Clusit Energy & Utilities according to which the trend in this sector is much less constant and predictable compared to the overall trend of cyber attacks. Meanwhile one Fortinet studio finds that 75% of OT companies globally have experienced at least one intrusion in the last year, while according to the study by Statista 80% of Italian companies aim for a single provider.

The attacks on Energy and Utilities

In analyzing the cyber risks relating to the energy sector, the Clusit researchers highlighted for the first quarter of this year the doubling of “hacktivism” matrix attacks compared to 2022. As with other sectors, however, attacks in the Energy & Utilities sector are mostly carried out for the purpose of cybercrime (78% of the total in the first quarter of 2023, compared to 70% in 2022), i.e. they economic goals related to the spread of ransomware attacks. The malware it is precisely the main cause of attacks (78% of total attacks) on the sector, up by 66% in absolute value compared to 2022.

Smart Grid: what is the impact of distributed generation on smart grids?

Hackers target Europe

In the first quarter of the year, Europe suffered the 45% of attacks, Asia 11%, The Americas saw the incidence on the analysis sample grow from 28% to 44% in the same period of time. In the same period, moreover, only accidents with a “critical” impact were detected in the Energy & Utilities sector: they were over 50% in 2022 and I’m almost today two thirds of the total. Instead, they are completely absent in the quarter analysed low impact attacks.

The growth trend of attacks in the sector appears consistent with the overall trend line, but attention is drawn to geopolitical scenarios, in particular the Russian-Ukrainian crisis. The strong regulation and control that characterizes this market, the presence of large enterprise players with the consequent investment capabilities in both organizational and technological measures could, according to the Clusit experts, justify this linear growth, without the particular peaks which have instead been observed in other markets.

The weaknesses of the two sectors

“The fact that this important growth is in line with the global scenario could be interpreted as a greater maturity on the subject of the Energy & Utilities sector compared to others – he says Alessio Pennasilico, member of the Scientific Committee of Clusit –. However, the impact of an accident in this sector and the possible consequences for the population of entire cities, regions or states are so significant that even small numbers of accidents constitute an unacceptable risk for civil society and suggest the need for continuous and constant improvement of the security posture”.

Two very relevant aspects for this sector, the Clusit experts also point out, are the interdependence and interconnection between the provision of services: a localized incident, in fact, in addition to creating disruptions in a specific area, is very likely to trigger a domino effect and create much more significant and geographically widespread impacts.

Industry 4.0 companies are at high risk

A global Fortinet study finds that 75% of OT companies (operational technology, sistemi sinergici all’IT in Industria 4.0) globally has experienced at least one intrusion in the last year. 95% of companies also expect responsibility for OT cybersecurity to shift from directors and managers to the CISO in the next 12 months

“The report shows that although OT companies have improved their overall cybersecurity posture,” he says John Maddison, Evp Products e Cmo di Fortinet –, there are still continuous opportunities for improvement. Networking and IT teams are under great pressure to adapt and become more OT-aware, and businesses are moving to find and deploy solutions that implement security across the entire IT/OT environment to reduce overall risk. to safety”.

According to the study le malware intrusions (56%) and phishing (49%) were again the most commonly reported types of incidents, with nearly a third of respondents reporting having been the victim of an attack ransomware over the past year (32%, unchanged from 2022).

The explosion of connected devices highlights complexity challenges for OT enterprises: Nearly 80% of respondents said they have more than 100 IP-enabled OT devices in their OT environment, highlighting how challenging it is for IT and security teams to secure a landscape of ever-evolving threats.

Survey results revealed that cybersecurity solutions continue to contribute to the success of the majority of OT professionals (76%), particularly improving efficiency (67%) and flexibility (68%). However, the study data also indicates that the dispersion of solutions makes it more difficult to embed, use, and consistently enforce policies in an increasingly converged IT/OT landscape. The problem gets worse with thesystem aging: The majority of companies (74%) reported that the average age of their company’s systems is between 6 and 10 years old.

Cybersecurity, companies towards the single provider

81% of Italian companies want a single provider, but only 23% use a single provider of solutions for data protection and security systems, according to the Statista study for Elmec Informatica and CybergON.

Costs are the key factor for more than half of the companies “which is why – the document reads – they have relapsed into the choice of relying on multiple service providers”. “In 2022, cyber attacks on cloud-based structures increased by 48% on a global scale. This increase is due to the huge amount of data in the cloud and the desirability it has for cybercriminals,” he says. Elisa Ballerio, Marketing Director of CybergON.

“In the next five years – explains Ballerio – it is estimated that worldwide spending on cloud services and infrastructures will double, which is why it is necessary for companies to be educated on the advantages and benefits of choosing a sole interlocutor that takes care of both data management and their security”.

The advantages of the single provider

According to what emerged from the research, the companies that declare that they want to rely on a single provider have recognized the various advantages of making such a gesture: better protection some data, better alignment of strategies security and data management, incident response optimization security and simplified management.

In particular, costs have been a key factor for large companies, in fact, 72% of respondents with a thousand or more devices have opted for multiple service providers.

In conclusion, sensitive information protection and security solutions are essential components in the cloud computing architecture to ensure that data is protected from unauthorized access, theft or loss.

