Critical infrastructure asset owners and operators have long faced the challenges of operating an aging system with limited resources, increasing customer demands, and ever-increasing risks. The expanding cyber security risk of criminal ransomware and extortion attacks resulting in impacts to manufacturing and production facilities is a risk that is facing business leaders across all industries with a particular OT (operational technology) nuance requiring additional management awareness.

At the same time, there is also an increasing concern around destructive system manipulation attacks architected to uniquely target a physical process in a manner that misuses the system to cause adverse effects. These state-sponsored groups demand the attention of leaders and critical infrastructure system defenders around the world.

Key Insights:

• Differences in IT and OT targets of attack for criminal groups
• Where ICS/OT attacks will head in the future
• Mitigations to pursue now
• How high-impact/low-frequency events must be avoided or managed
• Adversary misuse cases and system targeting goals to achieve effects on target