A new report from Securin highlights the weaknesses affecting Industrial Control Systems and Operational Technology at a time when cyberattacks on these sectors are escalating at an alarming rate.
According to the Cybersecurity and Infrastructure Security Agency (CISA), critical infrastructure encompasses systems and assets that are so essential to the United States that their disruption would significantly impact national security, economic stability, public health, or safety.
From 2023 – 2024, critical infrastructure worldwide faced an estimated 13 cyberattacks every second, amounting to over 420 million incidents. The cyber-attacks that we have seen throughout recent years highlight just how important it is for critical infrastructure systems across the country to update their cybersecurity practices.
This is why Securin, a leader in proactive cybersecurity solutions and continuous threat monitoring, recently released its Critical Infrastructure Overview 2024 report that examined over 1,700 attacks on critical infrastructure. This report highlights the vulnerabilities plaguing vital industries, including energy, manufacturing, water and healthcare. These sectors are increasingly targeted by sophisticated threat actors, making it a collective priority for private and public enterprises to address.
The top takeaways from this report include:
1. Sectors That Face the Most Risk – The most vulnerable critical infrastructure sectors, as identified by Securin’s report, are manufacturing, healthcare, water and wastewater utilities and energy. These sectors face escalating risks due to a mix of misconfigurations, a growing attack surface and legacy systems.
2. Attack Vectors – Threat actors are exploiting poor security hygiene and legacy systems to gain entry into critical systems. Vulnerability and misconfiguration exploits remain the leading attack vector (30%), followed by compromised credentials (22.8%) and spear phishing via links or attachments (19%).
3. Threat Actors – Leading attackers targeting critical infrastructure include nation-state actors from countries like Iran and Russia. Groups such as Sandworm and BlackCat have taken advantage of outdated software and unpatched vulnerabilities, frequently using geopolitical tensions to concentrate their attacks on critical sectors.
4. Common Weakness Enumeration (CWEs) and Common Vulnerabilities – The report highlights persistent vulnerabilities in critical infrastructure systems, including Cross-Site Scripting (CWE-79), Exposure of Sensitive Information (CWE-200), and SQL Injection (CWE-89). These vulnerabilities highlight the importance of secure by design software development practices and thorough patch management.
The stakes for critical infrastructure continue to rise, and the relentless targeting by threat actors demands urgent action. This is why the importance of modernization efforts cannot be understated. Especially when many critical infrastructure sectors extensively use legacy systems for their day-to-day operations. Many legacy systems are vulnerable to inter-system attacks due to their lack of strong defenses compared to the cloud-based platforms they are linked to, making U.S. infrastructure organizations highly susceptible to exploitation.
It is crucial for all organizations—especially those in critical infrastructure sectors—to modernize their outdated systems and adopt cybersecurity managed services. Collaboration across cybersecurity leaders, governments and industries is essential to safeguard these vital sectors. With the right collaboration and decisive action, we can protect the systems that underpin our society and ensure a more secure future.
