Cyberattacks on critical infrastructure jump by 41% in first half of 2021

Numbers are going up and almost three-quarters of attacks cause critical damage

James Spiro 14:3218.08.21
Cybersecurity company Claroty has revealed that it has seen a 41% increase in industrial control system (ICS) vulnerabilities in the first half of 2021 compared to the previous six months. The findings, which were highlighted in a report from Claorty’s Israel-based team Team82, are particularly troubling since there had already been an increase by 25% from 2019 and 33% from 2018.


“As more enterprises are modernizing their industrial processes by connecting them to the cloud, they are also giving threat actors more ways to compromise industrial operations through ransomware and extortion attacks,” said Amir Preminger, vice president of research at Claroty. “The recent cyber attacks on Colonial Pipeline, JBS Foods, and the Oldsmar, Florida water treatment facility have not only shown the fragility of critical infrastructure and manufacturing environments that are exposed to the internet, but have also inspired more security researchers to focus their efforts on ICS specifically. This is exactly why we are committed to helping the industry at large gain a deep understanding of the risks facing industrial networks and how to mitigate them with this report.”
 Amir Preminger, vice president of research at Claroty. Photo: Keren Mazor Amir Preminger, vice president of research at Claroty. Photo: Keren Mazor


Claroty’s third Biannual ICS Risk & Vulnerability Report comes at a time where cybersecurity companies are stressing the volume and pace at which governments, enterprises, and institutions are presented with hacks and attacks. Reports from Israeli firms Cybereason and Deep Instinct have also confirmed this by outlining what they believe are some of the biggest threats and how countries can counter them.

Among Claroty’s findings, the report confirmed that 71% of the vulnerabilities are classified as high or critical and that 90% have low attack complexity, meaning they do not require special conditions and an attacker can expect repeatable success every time. More than one quarter (26%) of attacks have either no available fix or only a partial remediation.


The cybersecurity firm outlined some of the steps that companies can take in order to mitigate these attacks and prevent crimes. Among them are network segmentation (which applies to 59% of vulnerabilities), secure remote access (53%), and ransomware, phishing, and spam protection (33%).


The report was written primarily by Chen Fradkin, a security researcher at Claroty. Contributors to the report include Rotem Mesika, security research team lead; Nadav Erez, director of innovation; Sharon Brizinov, vulnerability research team leader; and Preminger.


Claroty was founded in 2014 and helps secure the safety and reliability of industrial control networks. To date, it has raised $232 million, $140 million of which came from its Series D round in June led by Bessemer Venture Partners and with participation from 40 North, LG, I Squared Capital, and Team8.