The Cost of OT Cyber Security Incidents
Cyberattacks can cause devastating business disruptions and lead to financial losses reaching hundreds of millions of dollars.
The World Economic Forum’s 2020 Global Risk Report ranked cyberattacks causing disruption to operations and critical infrastructure among the top five increasing global risks. 1 Accenture estimates that the number of cyberattacks has gone up by 67% in the last five years. 2
The increasing digital connectivity of industrial networks opens them up to cyber threats, underscoring the importance of protecting not just IT systems, but also operational technology (OT) systems. An analysis of the most prominent cyberattacks that occurred over the past five years across a variety of industries – conducted by Nozomi Networks – shows that OT systems were frequently impacted. Industry sources confirm that regardless of the type of malware deployed, victims suffer business disruption, information loss, revenue loss and equipment damage. 2
Fortunately, new technology is available that significantly reduces risk by improving the cybersecurity of industrial networks. Simpler to deploy than you might expect, it delivers a nearly immediate ROI.
2016
Duke Energy
Electric Power Company
CYBER COMPLIANCE
Failure to Meet Regulated Cybersecurity Standards
COST
$10 Million
Duke Energy Corp. was fined $10 million by the North American Electric Reliability Corporation (NERC) for cybersecurity violations that took place between 2015 and 2018. The 127 violations of safety rules included failure to protect sensitive information on its most critical cyber assets and allowing improper access to sensitive systems and physical locations.
The lapses were considered to pose “a serious risk to the security and reliability” of the power system. Most were self-reported and were attributed to lack of managerial oversight.3
2017
A.P. Moller Maersk
Shipping and Logistics
CYBER COMPLIANCE
Ransomware: NotPetya
COST
$300 million
2018
Saudi Petrochemical Plant
Electric Power CompanyOil and Gas
CYBER COMPLIANCE
OT-Specific Malware: TRITON
COST
Undisclosed
A petrochemical plant in Saudi Arabia, owned by Tasnee, was the victim of a milestone cyberattack that aimed to impact its physical process, by interacting with and controlling its safety system. Fortunately, TRITON’s programming led to an automated, safe shutdown of the facility, rather than the intended explosion or uncontrolled disruption.
While the costs of the incident were not disclosed, they included business disruption, process disruption, revenue loss and a major cyber investigation.5, 6, 7
2019
Norsk Hydro
Metals and Mining
CYBER COMPLIANCE
Ransomware: LockerGoga
COST
$70 million
More Costs of Prominent Industrial Cybersecurity Incidents
| Organization | Attack Type | Incident and Impact | Cost | |
|---|---|---|---|---|
| Energy | Ukrenergo (Ukrainian power company) |
OT-Specific Malware: Industroyer/CrashOverride | Disrupted operations resulting in a blackout in the capital city of Kiev.9,10 |
225Kcustomers without power |
| Food & Beverage | Mondelez | Ransomware: NotPetya Targeted twice in a year | Lost sales, compromised electronic data plus software and equipment damage.11 |
$150-$188M |
| Manufacturing | Reckitt Benckiser | Ransomware: NotPetya | Lost sales, disruptions to manufacturing & ordering systems, shipping terminals, IT networks and other vital infrastructure, in multiple markets.12 |
$117M |
| Pharmaceutical | Merck | Ransomware: NotPetya | Production shutdown, including inability to fulfill vaccine orders, lost sales and technology remediation.13 |
$670M |
| Shipping and Logistics | Fedex | Ransomware: NotPetya | IT operations disruption, impacted deliveries and sales, loss of revenue, and drop in earnings for one quarter.14 |
$300M |
Find out How to Reduce Risk with OT and IoT Visibility and Security Technology
While increasing cyber threats dominate the news, there is good reason to be optimistic.
New technology, such as the Nozomi Networks solution, is easy and safe to deploy, and dramatically improves OT cyber resiliency and risk mitigation. It is a single application that can be used by both OT and IT, and it integrates seamlessly with security infrastructure.
References
1. “The Global Risks Report 2020,” World Economic Forum, 2020
2. “The Cost of Cybercrime, “ Accenture, 2019.” World Economic Forum, 2020
3. “Reports: Duke Energy fined $10 million for cybersecurity failures on grid,” Charlotte Business Journal, Feb.2, 2109.
4. Cyberattack cost Maersk as much as $300 million and disrupted operations for 2 weeks,” L.A. Times, August 17, 2017.
5. “Researchers Link Cyberattack on Saudi Petrochemical Plant to Russia,” Wall Street Journal, Oct. 23, 2018
6. “Triton hackers return with new, covert industrial attack,” ZDNet, April 10, 2019.
7. “TRITON: The First ICS Cyber Attack on Safety Instrument Systems” Nozomi Networks, August, 2018.
8. Norsk Hydro First Quarter 2019 Report
9. “‘CRASH OVERRIDE’: The Malware that Took Down a Power Grid,” Wired, June 12, 2017.
10. “Defending Against Industroyer with ICS Anomaly Detection,” Nozomi Networks, June 29, 2017.
11. “Mondelez files $100m claim from Zurich Insurance for NotPetya Cyber Attack,” Cybersecurity Insiders.
“Mondelez not yet ‘back to normal’ from cyber attack,” August 8, 2017, Food Business News.
12. “How Much did cyberattack cost Reckitt Benckiser? Try $117 million,” July 6, 2017, AdAge.
13. “NotPetya ransomware cost Merck more than $310 million,” October 27, 2017, CyberScoop.
14. “NotPetya cyber-attack cost TNT at least $300m,” September 2017, BBC.
Let's get started
Discover how easy it is to anticipate, diagnose and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.
