Industrial Cyber Security Incidents Revealed
AutomationWorld highlights the rise in cyber incidents affecting control systems. This new report lays out trends seen in 2009 and makes comparisons to historical data.
AutomationWorld.com May, 2010
“We track the number of incidents per year. And even though the rate has moved up and down, when we do a linear interpolation, we can definitely see that the trend is increasing at probably 20 percent to 25 percent per year over the last decade,” says Cusimano. On average, confirmed industrial cyber incidents are now being reported at a rate of about 10 each calendar quarter, he notes.
The RISI database includes accidental cyber-related incidents, as well as deliberate events such as external hacks, denial-of-service attacks and virus or worm infiltrations that did or could have resulted in loss of control, loss of production or a process safety incident. About 25 percent of all reported incidents are the result of intentional, directed attacks, says Cusimano. Security incident data is obtained from three sources—private incident reports submitted by industrial companies, searches for publicly reported incidents and data-sharing agreements with various organizations.