In its Vulnerability and Threat Trends Report 2018 , security company Skybox revealed that industrial control systems (ICS) in particular remain at risk in the areas of energy, production and supply: The number of new weak points in operational technology have more than doubled within a year. Attackers have not changed their focus: the financial and healthcare sectors. However, charity organizations are now seeing more and more attacks, which is new. According to the British Cyber Security Breaches Survey 2018, 19% of all charity organizations were the target of a cyber attack within the past twelve months.
The VDE Tec Report on Digitalization and Cyber Security , presented to the association on April 23 at the Hannover Messe, paints a clearer picture. In 2017, cyber attacks affected four of ten members, with an additional four unable to say whether or not they were attacked. Of those surveyed 68% named infections with malware as the greatest threat to Industry 4.0, while 49% worried about the security of remote maintenance connections. Another 59% name human error as a relevant risk. The report names a known fundamental problem: a lack of awareness of the risk situation among both employees (75% see deficits here) and company management. Nearly one-third of those surveyed still do not see cyber security as a requirement for business continuity, but instead primarily consider it a cost-driver.
A special supplement issued as part of the Forum Industrial Security 2018 fair also focused on the topic of security. The print version is out of stock, but a downloadable PDF is available online. Another release in time for the Hannover Messe: BSI Magazine “Mit Sicherheit” 1/2018 . In it, the Federal Office for Information Security issued warnings not only against malware like WannaCry and Petya, but also against “advanced spy attacks that could affect any company.” The focus lies on security by design in Industry 4.0, with the advice here being: “Not hype, but a necessity.”