Back New report on threats in industrial companies

2023 / 03 / 29
ZIURek, hiru hilean behin argitaratzen duen txostena kaleratu du, kasu honetan Gipuzkoako industria-sektoreak jasandako mehatxuen inguruan. Txosten honen helburua, arintze edo euste-lanak egin behar izanez gero, sektoreko erakundeei prebentzio-neurri egokiak hartzen laguntzea edo jarduera-protokolo egokiak lantzea da.

New ZIUR report on threats in industrial companies

ZIUR has published its quarterly report on threats to the Gipuzkoan industrial sector, with the aim of helping entities in the sector to adopt the appropriate preventive measures, or to prepare the pertinent action protocols, in the event that they need to carry out mitigation or containment tasks.

The benefits of digitization and connectivity are enormous, but at the same time, they have increased the exposure area of companies to cyberattacks, so protecting industrial infrastructure is essential. The consequences of a cyberattack can range from the kidnapping of data to demand a ransom, the theft of IPR (Intellectual Property), to the stoppage of machines or their malfunction. In the latter case, a modification of the preset values (setpoints) in the machine may cause the manufactured product to not come out with the expected quality, or even make wrong decisions due to data manipulation. Its consequences can be economic, but it can cause environmental damage or even cause injuries of different degrees to people, in addition to projecting a bad image of the company.

With this analysis, ZIUR intends to address the current state of cybersecurity in the industrial sector, carrying out an analysis of the main challenges and threats that industrial entities have to face. In this sense, the report includes the evolution, trend and impact of threats to Industry 4.0 in the last quarter, the techniques and methodologies used in cyberattacks against the sector (attack vectors used, predominant types of attack and attacker objectives ); as well as the challenges of cybersecurity in the sector; the security status of IT and OT networks; and the security situation of the supply chain. Likewise, the report gathers guidelines to guarantee business continuity and ensure the user experience, and a reflection on the current regulatory framework and regulatory laws. Finally, ZIUR offers conclusions and some recommendations.