Cyber threats are becoming a growing concern for industrial facilities characterized by a high degree of automation, especially those that highly rely on Operational Technology (OT) systems such as process facilities. Fixed installations where chemical and petroleum products are manufactured and stored (e.g. Seveso sites in EU) are of primary concern since attackers may exploit their inherent hazardous conditions and trigger events with severe consequences on workers, population, the environment, and the company itself (e.g. major accidents). The study is based on the development of a database of 82 cybersecurity-related incidents (CSIs) and its analysis using Exploratory Data Analysis (EDA). Time-trend (from 1975 to 2020), geographical distribution, distribution among the industrial sectors, impacts of the incidents, and type of attackers (intentional external / intentional internal / accidental) were investigated, evidencing important findings. The attacks resulted to be able to affect not only the company Information Technology (IT) system, which is a threat common to several business sectors, but also to manipulate the control and safety systems (OT). Finally, the analysis of a sub-set of incidents with more detailed information allowed to identify the general phases of a cyber-attack to IT-OT systems of a process facility. The information obtained can be used to support the application of the techniques commonly used to handle security-risks in process facilities, such as Security Vulnerability Assessment (SVA) methodologies.
Iaiani M., Tugnoli A., Cozzani V. (2021). Cyber Threats Affecting the Process Industry and Similar Sectors [10.3850/978-981-18-2016-8_588-cd].
Cyber Threats Affecting the Process Industry and Similar Sectors
Iaiani M.;Tugnoli A.
;Cozzani V.
2021
Abstract
Cyber threats are becoming a growing concern for industrial facilities characterized by a high degree of automation, especially those that highly rely on Operational Technology (OT) systems such as process facilities. Fixed installations where chemical and petroleum products are manufactured and stored (e.g. Seveso sites in EU) are of primary concern since attackers may exploit their inherent hazardous conditions and trigger events with severe consequences on workers, population, the environment, and the company itself (e.g. major accidents). The study is based on the development of a database of 82 cybersecurity-related incidents (CSIs) and its analysis using Exploratory Data Analysis (EDA). Time-trend (from 1975 to 2020), geographical distribution, distribution among the industrial sectors, impacts of the incidents, and type of attackers (intentional external / intentional internal / accidental) were investigated, evidencing important findings. The attacks resulted to be able to affect not only the company Information Technology (IT) system, which is a threat common to several business sectors, but also to manipulate the control and safety systems (OT). Finally, the analysis of a sub-set of incidents with more detailed information allowed to identify the general phases of a cyber-attack to IT-OT systems of a process facility. The information obtained can be used to support the application of the techniques commonly used to handle security-risks in process facilities, such as Security Vulnerability Assessment (SVA) methodologies.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
