Select Page
EXECUTIVE BRIEF

The Cost of OT Cybersecurity Incidents

EXECUTIVE BRIEF

The Cost of OT Cybersecurity Incidents

Cyberattacks can cause devastating business disruptions and lead to financial losses reaching hundreds of millions of dollars.

The World Economic Forum’s 2020 Global Risk Report ranked cyberattacks causing disruption to operations and critical infrastructure among the top five increasing global risks.1 Accenture estimates that the number of cyberattacks has gone up by 67% in the last five years.2

The increasing digital connectivity of industrial networks opens them up to cyber threats, underscoring the importance of protecting not just IT systems, but also operational technology (OT) systems. An analysis of the most prominent cyberattacks that occurred over the past five years across a variety of industries – conducted by Nozomi Networks – shows that OT systems were frequently impacted. Industry sources confirm that regardless of the type of malware deployed, victims suffer business disruption, information loss, revenue loss and equipment damage.2

Fortunately, new technology is available that significantly reduces risk by improving the cybersecurity of industrial networks. Simpler to deploy than you might expect, it delivers a nearly immediate ROI.

High Profile Industrial Cybersecurity Incidents

duke
2016

Duke Energy

Electric Power Company

CYBER COMPLIANCE

Failure to Meet Regulated Cybersecurity Standards


COST

$10 million

Duke Energy Corp. was fined $10 million by the North American Electric Reliability Corporation (NERC) for cybersecurity violations that took place between 2015 and 2018. The 127 violations of safety rules included failure to protect sensitive information on its most critical cyber assets and allowing improper access to sensitive systems and physical locations.

The lapses were considered to pose “a serious risk to the security and reliability” of the power system. Most were self-reported and were attributed to lack of managerial oversight.3

duke
2017

A.P. Moller Maersk

Shipping and Logistics

CYBER COMPLIANCE

Ransomware: NotPetya


COST

$300 million

A NotPetya attack disrupted operations for two weeks, blocking access to systems the company relied on to operate shipping terminals. The incident temporarily shut down the Port of Los Angeles’ largest cargo terminal. The company lost $300 million in business disruption and equipment damage.

Maersk had to undertake an almost complete infrastructure overhaul. They reinstalled 4,000 servers, 45,000 PCs and 2,500 applications over the course of ten days, a process that would normally have taken six months to implement.4

duke
2018

Saudi Petrochemical Plant

Oil and Gas

CYBER COMPLIANCE

OT-Specific Malware: TRITON


COST

Undisclosed

A petrochemical plant in Saudi Arabia, owned by Tasnee, was the victim of a milestone cyberattack that aimed to impact its physical process, by interacting with and controlling its safety system. Fortunately, TRITON’s programming led to an automated, safe shutdown of the facility, rather than the intended explosion or uncontrolled disruption.

While the costs of the incident were not disclosed, they included business disruption, process disruption, revenue loss and a major cyber investigation.5,6,7

duke
2019

Norsk Hydro

Metals and Mining

CYBER COMPLIANCE

Ransomware: LockerGoga


COST

$70 million

The ransomware LockerGoga blocked the company’s systems, forcing a switch to manual operations and workarounds. The Extruded Solutions unit, which makes components for car manufacturing, construction and other industries, reduced its output by 50%.

Administrative systems, such as reporting, billing and invoicing, suffered delays. It took Norsk Hydro several weeks to bring operations back to normal. Lost margins and low production volumes were estimated to cost up to $70 million.8

More Costs of Prominent Industrial Cybersecurity Incidents

OrganizationAttack TypeIncident and ImpactCost
Energy Ukrenergo

(Ukrainian power company)

OT-Specific Malware: Industroyer/CrashOverride
Disrupted operations resulting in a blackout in the capital city of Kiev.9,10

225K

customers without power

Food & Beverage Mondelez Ransomware: NotPetya Targeted twice in a year
Lost sales, compromised electronic data plus software and equipment damage.11

$150-$188M

Manufacturing Reckitt Benckiser Ransomware: NotPetya
Lost sales, disruptions to manufacturing & ordering systems, shipping terminals, IT networks and other vital infrastructure, in multiple markets.12

$117M

Pharmaceutical Merck Ransomware: NotPetya
Production shutdown, including inability to fulfill vaccine orders, lost sales and technology remediation.13

$670M

Shipping and Logistics Fedex Ransomware: NotPetya
IT operations disruption, impacted deliveries and sales, loss of revenue, and drop in earnings for one quarter.14

$300M

4-Continuously-Monitor-min

Find out How to Reduce Risk with OT and IoT Visibility and Security Technology

While increasing cyber threats dominate the news, there is good reason to be optimistic.

 New technology, such as the Nozomi Networks solution, is easy and safe to deploy, and dramatically improves OT cyber resiliency and risk mitigation. It is a single application that can be used by both OT and IT, and it integrates seamlessly with security infrastructure.

Want to Know More?