Industrial Cybersecurity: Protecting the Physical World Against the New Wave of Hybrid Threats

ESET warns of the sustained growth of cyberattacks targeting operational technologies and underscores the urgency of protecting critical infrastructure in an increasingly complex and dangerous landscape.

Industrial cybersecurity has evolved from a minor concern to a strategic issue. In a world where power grids, industrial plants, and transportation systems are becoming increasingly interconnected, attacks on so-called operational technologies (OT) pose a direct threat to physical safety, the economy, and human life.

ESET, a leading cybersecurity company, warns that cyberattacks targeting OT environments are no longer a theoretical possibility but a growing reality. Incidents like the BlackEnergy and Industroyer attacks that caused massive blackouts in Ukraine have demonstrated the destructive potential of these offensives. “OT systems manage critical processes. Their compromise can lead to real damage and imminent dangers. We’re not just talking about data loss; we’re talking about material and human risks,” says Josep Albors, Research and Awareness Director at ESET Spain.

From Closed Systems to Vulnerable Points

Digitization has transformed traditionally isolated OT environments into more visible targets. Integration with IT systems to improve operational efficiency has exposed these systems to global threats. Many of them also use outdated software and protocols that lack the basic security measures currently considered standard.

According to ESET data, in 2023 there were 68 cyberattacks against industrial infrastructure, affecting over 500 physical operations, marking a 16% increase compared to 2022. McKinsey estimates that the average cost of a severe incident in an OT environment is around $140 million, not including potential penalties for non-compliance with regulations such as the European NIS2 directive.

Technical and Cultural Challenges

The issue is not just technological. Protecting OT environments involves overcoming technical and organizational challenges: from legacy technologies that are difficult to update, to a lack of asset visibility, to insecure protocols and a weak cybersecurity culture among staff.

Furthermore, there is a key difference between IT and OT environments: while the former prioritize confidentiality, the latter emphasize availability and operational continuity. “This difference in focus creates resistance to applying patches or security measures that could affect the continuous operation of the plant or system,” explains Albors.

A Comprehensive Strategy Against Threats

ESET proposes a defense-in-depth strategy based on multiple layers of security. Among the recommended measures are:

  • Asset inventory: knowing which devices are connected is the first step.
  • Network segmentation: isolating OT systems from the rest of the corporate network to contain potential infections.
  • Access management: privilege control and multi-factor authentication.
  • Scanning and patching: rapid correction or mitigation of vulnerabilities.
  • Continuous monitoring: real-time threat detection and response.
  • Backup and encryption: to ensure recovery from attacks like ransomware.
  • Third-party oversight: assessing risks in the supply chain.
  • Personnel training: fostering a culture of operational security from within.

Towards a New Paradigm of Hybrid Security

Hybrid threats—those that combine cyberattacks with physical impacts—are already a concrete concern. Gartner estimates that by 2025, 30% of cyberattacks on critical infrastructure will have material consequences. This compels organizations to adopt a more holistic approach to security that does not separate the digital world from the physical one.

“OT cybersecurity must stop being seen as a technical issue and become a strategic priority. The convergence of IT and OT, along with the malicious use of artificial intelligence, demands a higher level of preparedness. Industrial resilience begins with prevention,” concludes Albors.

