Tom Merritt breaks down the recent trend of cyberattacks on physical infrastructure and how to prevent them.
Cyberattacks are top-of-mind for a large number of IT people with data breaches a constant drumbeat and ransomware now a widespread problem.
If you're the kind of person who was paying attention to ransomware years ago and want to make sure you're prepared for the next kind of attack before it hits, pay attention to Gartner's latest report. Physical systems are a prime target, according to Gartner's analysts.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
Here are five things to know about cyber-physical attacks
- Operational technology is the main type of target. That includes "hardware and software that monitors or controls equipment, assets and processes." The idea is that control frameworks for actual things are infiltrated and used to cause harm. Businesses in manufacturing, resources and utilities are the ones that most need to pay attention.
- The main purpose may be to harm your reputation. If your plant goes awry or your service goes down because of a physical attack, your customers lose confidence. You want to be seen as reliable, not vulnerable.
- Cyber-physical attacks may be vandalism meant to simply hurt the bottom line. Attacks that shut down an assembly line or take down a control system may simply want to reduce output.
- It will cost you. Gartner estimates the financial impacts of cyber-physical attacks could reach $50 billion by 2023. The lumps in compensation, litigation, insurance, regulatory fines and reputation loss.
- It may even cost lives. In industries that rely on technology for safety, infiltrators could cause those systems to harm or kill workers. Gartner believes attackers will successfully weaponize someone's operational technology to kill or harm a person by 2025.
These attacks are coming, and the way to prove Gartner wrong—at least for your sector—is to prepare now.
Subscribe to TechRepublic Top 5 on YouTube for all the latest tech advice for business pros from Tom Merritt.
Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays
Sign up todayAlso see
- Kaseya attack: How ransomware attacks are like startups and what we need to do about that (TechRepublic)
- Kaseya attack shows how third-party software is the perfect delivery method for ransomware (TechRepublic)
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats on the horizon: What IT pro's need to know (free PDF) (TechRepublic)
- Checklist: Securing digital information (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)