
Cyberattacks Pose Growing Threats to Technological Operations Systems

Hackers and complex threat groups have revealed an ability to penetrate vital infrastructure networks and interfere with operational technology systems, according to a study by Dragos Inc. This significant development, as mentioned in the Australian 2023 OT Cybersecurity Year in Review report,...

Cyber threats posing a growing danger to Infrastructure Technology Systems


In 2023, the Australian Cyber and Infrastructure Security Centre (CISC) took significant strides to bolster national cybersecurity, particularly in Industrial Control Systems (ICS) and Operational Technology (OT) environments. The CISC collaborated with various entities, including federal, state, and local governments, the Australian Defence Force, academia, industry, Five Eyes intelligence partners, and international partners to enhance national security and resilience.

Key initiatives by the CISC include the publication of critical infrastructure asset class definition guidance and the activation of the Critical Infrastructure Risk Management Program. The Critical Infrastructure Risk Management Program is part of a trio of security obligations introduced by recent amendments to the Security of Critical Infrastructure Act 2018.

A new report by Dragos Inc., titled 'Australian 2023 OT Cybersecurity Year in Review,' has shed light on a pivotal shift for Australian organizations. Sophisticated threat groups and hacktivists have demonstrated the capacity to breach critical infrastructure networks and disrupt OT systems.

Ransomware remains the number one attack vector globally in the industrial sector, with a nearly 50% increase in reported incidents in 2023. Lockbit caused 25% of total industrial ransomware attacks, with ALPHV and BlackBasta accounting for 9% each. The Lockbit 3.0 compromise of DP World Australia in November led to a three-day shutdown of land-side port operations.

Several ransomware incidents, such as DP World Australia, reinforced the cascading effects of ransomware on industrial operations, supply chains, and consumers. The incident at DP World Australia, while not involving ransomware deployment, resulted in a backlog of 30,137 containers that took ten days to clear.

The report emphasizes the need for leaders and their teams to work together to implement programs and critical safeguards in ICS/OT cybersecurity. Hayley Turner, Area Vice President of Dragos Asia Pacific, stated that the number of ransomware incidents globally continues to climb, leading to cascading impacts for virtually every industrial sector, particularly manufacturing.

According to Turner, robust asset monitoring, intelligence-based detections for sophisticated threats, and a coordinated response are crucial for safeguarding essential services. The Australian Signals Directorate's Annual Cyber Threat Report highlights that these sectors are increasingly targeted by actors seeking geopolitical advantage.

In 2023, there were 905 global ransomware incidents that affected industrial organizations, with 13 of these incidents involving Australian organizations. The manufacturing sector continues to be the primary target of ransomware, accounting for 71% of all ransomware attacks.

The report also highlights the emergence of new threat groups, including VOLTZITE, which overlaps with Volt Typhoon, a group that the US Government has publicly linked to the People's Republic of China.

The Australian 2023 Dragos OT Cybersecurity Year in Review report provides an overview of the significant cybersecurity trends impacting industrial infrastructure organizations. The report can be downloaded for those interested in gaining a deeper understanding of the current cybersecurity landscape in Australia.
