Skip to content

Why we haven’t seen the worst OT cyber attacks yet   


Published:

No organization is immune to cyber attacks. Yet, we have only seen a fraction of what could transpire. While connected critical technologies signifies great progress in streamlining operations, the escalating risk of cyber attacks also poses a threat to operational technology (OT), potentially jeopardizing the security, economy, and operations of businesses. In this blog post, we will outline five critical actions for industrial companies. 

Operational technology has become increasingly integrated with its environment in recent years. The strong focus on digitalization in society has drawn IT systems with connected cloud services and automation closer to the operational technology used in, for example, production lines, machines, and sensors. Businesses have escalated their investments in automation as demands for efficiency increase. In the meantime, we have witnessed an uptick in cyber attacks, the impacts of which carry significant consequences for both organizations and society at large. 

Vulnerabilities in the industrial sector can emerge in this technology gap, which, in turn, could affect, or in the worst case, incapacitate critical functions by creating operational disruptions, production barriers, and even risking human safety. 

In May 2023, the Danish critical infrastructure was subjected to the most extensive cyber attack the country has ever experienced. 22 companies operating parts of the Danish energy infrastructure were compromised in a coordinated attack. Consequently, the attackers gained access to some of the companies’ industrial control systems, forcing several companies to switch to fully isolated operations, causing major disruptions to operations and affecting over 100 000 Danes. 

While it is not possible to fully guard against cybercrime, there are several measures that all companies involved in operational technology need to implement to better protect themselves against future cyber attacks and minimize the damage of a potential attack. Companies and the public sector are also expected to comply to the NIS2 Directive by autumn this year, with the aim to strengthen common cybersecurity in the EU.  

Five critical actions for businesses with OT 

Here are five ways industrial companies with substantial operational technology can fortify their cyber defense: 

  • Gain insight into the company’s systems: The importance of having an effective overview of devices in both IT and OT networks cannot be overstated. For instance, the ability to detect when unauthorized devices connect to the network or when unknown changes occur is central to building an effective cyber defense. 
  • Segment the networks: Once attackers have compromised an entry point in a breach, it becomes extremely dangerous if they can continue to move freely within the network. Dividing your network into smaller logical parts and restricting access between them limits the attack surface a single system can offer. 
  • Restrict access for users: Knowing who has access to what in your organization provides increased control. Introducing the capability to ensure that only authorized personnel have access to sensitive systems reduces the risk of unauthorized access. 
  • Monitor the network: Implement a strategy for how the organization monitors and detects threats that arise in sensitive environments. Rapid detection enables a swift response, which, in turn, can lead to a reduced impact. 
  • Practice: Processes are only effective if implemented correctly. Regularly practicing and testing your procedures is key to being able to act quickly when necessary. 

The importance of investing in and prioritizing cybersecurity cannot be overemphasized, especially at a time when no one is immune to cyber attacks. The NIS2 Directive, which imposes higher demands on cybersecurity, will come into force in the autumn. At the same time, societal developments, geopolitical conditions, and demands for efficiency improvements pose additional challenges for industry and its critical infrastructure. Therefore, a shift is necessary to ensure the security of people and society. With a clear plan for this process, the transition can be smooth and painless, but it is essential to start today. 

Contact our experts at NTT Security to discuss your cybersecurity and NIS2 compliance needs and discover how our services can support your journey towards safeguarding your organization.