Hottest topics in industrial cybersecurity for 2021

Analysis of past attacks in the throwback attack series, attacks on operational technology assets, industrial malware, industrial ransomware and physical plant damage beyond computers are among leading topics of industrial cybersecurity interest in 2021.

By Chris Vavra, Gary Cohen, Mark T. Hoske January 12, 2022
Image courtesy: Brett Sayles

Industrial cybersecurity remains critically important to subscribers of Control Engineering, Plant Engineering, and other CFE Media and Technology publications. Hot topics in 2021 included analysis of prior cybersecurity attacks, malware, rasomware and physical plant damage past computer assets. In early 2021, CFE Media and Technology launched Industrial Cybersecurity Pulse. The site was created to give readers a deeper look at cybersecurity issues that impact manufacturing and help them be better prepared for what lies ahead. While cybersecurity may have been seen as an information technology (IT) issue a few years ago, that is no longer the case. The rise of the Industrial Internet of Things (IIoT), bringing connectivity to operational technology (OT) devices that used to be siloed off, means a manufacturing facility can and will be affected by cyber incidents whether they’re malicious or innocent.

2021 had its share of high-profile cyberattacks with SolarWinds, Oldsmar and Colonial Pipeline having a major effect on public and private businesses. While it’s tempting to write off 2021 as a bad year (it was), these attacks aren’t going to decrease. Interconnectivity is a fact of life and has been since the internet became ubiquitous more than 20 years ago. Almost everything is a potential attack vector.

As indicated in these top 10 stories from ICS Pulse, the past is more than prologue. It is a way for people to see what happened historically and to be on their guard for the future. As with health, an ounce of prevention is worth a pund of cure. People need to be safe when using their computers and other devices connected to the internet. There is great potential for good, but the reverse is also true, and it has been that way longer than people realize.

Learning from past cybersecurity incidents; OT cybersecurity

Notably, readers seem to want to learn from earlier mistakes. Four of the five top 2021 articles, and half of the top 10, were from the “Throwback Attack” series. As the name implies, the throwback attack articles explain and try to provide new insights on cyberattacks from the past.

While the cybersecurity video interview series remains popular and engaging, one of the interview topics hit the top 10, at No. 6. For years, many in the fields of control engineering and plant engineering considered cybersecurity an information technology (IT) issue. Clearly, it’s been an operational technology (OT) issue, as well, with implications well beyond a particular machine, unit, or process, with national implications. Similarly, chief information security officers (CISO) are showing interest in and can help OT cybersecurity efforts, especially when considering who should be involved, as in article No. 9.

Physical asset damage inside a plant beyond computers as a result of a cybersecurity breach has been demonstrated as a possibility and documented, yet actual reports of such damage remain rare. It’s not surprising that explanations about massive damage inside a German steel mill ranked No. 10.

Top 10 Industrial Cybersecurity Pulse articles posted in 2021

The articles posted during 2021 at www.industrialcybersecuritypulse.com with the most clicks during 2021 follow, pulled from Google Analytics.

  1. Throwback Attack: A Florida teen hacks the Department of Defense and NASA, April 8. In 1999, a 15-year-old north Floridian penetrated into Department of Defense and NASA computers.
  2. Throwback Attack: Chinese hackers steal plans for the F-35 fighter in a supply chain heist, July 8. Chinese hackers stole sensitive technical documents related to the development of the F-35 Lightning II strike fighter jet in 2007.
  3. Throwback Attack: How NotPetya accidentally took down global shipping giant Maersk, September 30. In 2017, one of the most widespread and devastating cyberattacks was perpetrated against worldwide shipping giant Maersk.
  4. Throwback Attack: How the modest Bowman Avenue Dam became the target of Iranian hackers, August 12. In 2013, the Bowman Avenue Dam in Rye Brook, New York, was targeted by seven Iranian hackers on behalf of the country’s Revolutionary Guard Corps in a far-reaching cyberattack on U.S. infrastructure targets.
  5. Molson Coors cyberattack impacts production, shipments, April 1. Chicago-based brewing and beverage company Molson Coors acknowledged they experienced a systems outage due to a cybersecurity incident.
  6. Ransomware Attacks and OT: Expert Interview Series, Hayley Turner, Darktrace, September 3. Operational technology (OT) systems can also be compromised — in fact, there is malware that has been specifically designed to impact OT systems — and that can have huge ramifications on critical national infrastructure, says Hayley Turner, director of industrial security at Darktrace. See video.
  7. Attacks on critical national infrastructure escalate with Colonial Pipeline hack, May 10. The vulnerability of U.S. critical national infrastructure was again thrown into sharp relief when a ransomware attack shut down a pipeline that provides the East Coast with nearly half of its diesel, gasoline and jet fuel.
  8. Kaseya ransomware attack hits IT management companies and causes global disruptions, July 6. A cyberattack hit Dublin, Ireland-based software provider Kaseya and impacted around 1,500 companies over the first weekend.
  9. Five questions every CISO should ask about OT cybersecurity, May 3. In operational technology (OT) cybersecurity, getting the “who” right is critical and often complex.
  10. Throwback Attack: A cyberattack causes physical damage at a German steel mill, June 10. In 2015, details emerged from a cyberattack that caused “massive damage” to a blast furnace at a German steel mill, in the second-ever digital attack that caused physical harm to equipment.

Chris Vavra, web content manager, CFE Media and Technology, cvavra@cfemedia.com, Mark T. Hoske, content manager, Control Engineering, mhoske@cfemedia.com; Gary Cohen, content manager, Industrial Cybersecurity Pulse, gcohen@cfemedia.com.

Original content can be found at Control Engineering.


Author Bio: Chris Vavra, web content manager, CFE Media and Technology, cvavra@cfemedia.com; Gary Cohen, content manager, Industrial Cybersecurity Pulse, gcohen@cfemedia.com. Mark T. Hoske, content manager, Control Engineering, mhoske@cfemedia.com;