Understanding Industrial Cybersecurity Threat Vectors

Posted: 16 March 2021

Cybersecurity threats can take many shapes, but one thing they often have in common is the source of the threat. These threat vectors represent the very different motivations for malicious actors and may give companies a chance to guard against them by focusing on mitigating exposure to each individual threat vector. Here are some of the top sources for industrial cybersecurity threats today:

Nation/State Groups: These threats come in the form of nations or states with interests in promoting economic or geopolitical interests. The best-known example of this threat comes from the Stuxnet virus. Nation-state actions may seek to shut down production of products (particularly weapons systems), cripple infrastructure, or damage valuable equipment.

Criminals: These individuals or groups may steal confidential business information to sell or profit from or may breach security to secure personal information for identity theft. Criminal actors may seek ransom for data or uptime or may seek to steal company data to broker to competitors.

Hackers and Activists: These groups may damage systems to prove their capabilities, or else as a form of illegal protest to achieve a political goal. They may hack databases and corporate systems to reveal information about employees or contracts with other businesses.

Insiders: Insiders may have a variety of motivations, from opportunism to a disgruntled attitude. These threats can be especially serious due to intimate knowledge of a system or ICS networks, and can cause severe, irreparable damage. It can be difficult to predict or prevent these, but a strong company ethos and strong employee community can help.

For more information about AVEVA’s security updates, please follow the most recent security notifications.

AVEVA Cybersecurity Updates