News: Companies not taking enough preventive measures.
Cyber attacks are posing a major threat to the UK’s critical infrastructure and manufacturing base, in the wake of industries integrating industrial control and corporate information systems.
According to a study conducted by KPMG, 80% claimed that they have or are planning to merge their production and corporate IT systems, with 83% believing that that their production systems can be targeted.
However, two-third of respondents claimed that they have not yet analysed the threat that cyber criminals pose to their industrial control systems.
Nearly 50% of respondents also confessed that their businesses were not investing enough to improve cyber security.
The issue was highlighted in 2014, when unknown attackers took control of the corporate network of a German steel plant.
The German Federal Office for Information Security (BSI) revealed in its annual report that the attackers used booby-trapped emails to steal logins to get into the mill’s control systems.
Parts of the plant failed to operate and a blast furnace suffered major damage.
Previously, a virus called Stuxnet was also used to damage centrifuges being used by Iran in its nuclear enrichment programme.
Such attacks can not only be an economic burden but could also pose major threat to environment, said KPMG.
KPMG Cyber Security team member Roy McNamara said: "As industrial control systems evolve companies are looking to reduce costs and improve efficiency by consolidating IT services and adopting sophisticated data analytics, integrating previously standalone control systems with corporate intranets or even the internet.
"In doing so, they may open themselves up to threats including organised crime, hacktivism and even state sponsored attack."