OT SECURITY INSIGHTS

Palo Alto Networks
& Siemens
Executive Summary

A comprehensive analysis of critical vulnerabilities and security challenges in operational technology environments, providing actionable insights to protect your infrastructure against evolving cyber threats.

Mouse icon indicating to scroll down
Scroll to begin

The Rising Cyber Risk to Critical Infrastructure

As the convergence of information technology (IT) and operational technology (OT) accelerates, the attack surface for critical infrastructure expands, making these systems increasingly vulnerable to cyberattacks with potentially severe operational and physical consequences.

Cyber Risk Visualization
More than 1.25 million SCADA and OT devices were exposed to the internet.
1.25 million

Expanding Risks for Internet-Connected SCADA Devices

Cortex Xpanse® captured more than 4.53 million unique device fingerprints associated with OT application servers exposed to the public internet, revealing a substantial attack surface that adversaries can exploit.

These systems, which control essential infrastructure, face unique threats when exposed to the public internet. Unlike traditional IT systems, cyberattacks on OT devices can have real-world, physical consequences.

SCADA Device Risk Visualization
Cortex Xpanse captured more than 4.53 million unique device fingerprints associated with OT application servers exposed to the public internet.
4.53 million

Threats Inside OT Networks

The analysis of 51,000 OT firewalls, using Palo Alto Networks App-ID, revealed substantial malware and exploit activity in OT networks. Mapped to the MITRE ATT&CK® Matrix for ICS, key attack tactics identified include Initial Access, Lateral Movement, and Privilege Escalation, which were frequently used to target OT systems.

OT Firewall Analysis Visualization

Exploitation of remote services was the most common tactic in OT networks, accounting for 20% of all incidents.

Remote Services Exploitation Visualization

Exploiting privilege escalation enables threat actors to access protected resources and functionalities within a target system or network that are otherwise restricted. This technique represents 12.3% of top 100 exploits.

Aging vulnerabilities represent a significant trend in the OT security threat landscape.

Privilege Escalation Visualization

The top 100 exploits targeting OT networks were dominated by aging vulnerabilities, with 88% being over 5 years old and 61% over 10 years old. This highlights the critical need for comprehensive patching strategies in OT environments.

Aging Vulnerabilities Visualization

Risk Factors Behind OT Vulnerabilities

Robot icon representing OT systems
61.9%
Analysis of top 100 exploits revealed that 61.9% of exploit triggers in OT networks were linked to CVEs aged 6 to 10 years, indicating that legacy systems remain a significant vulnerability.
Box icon representing software packages
82.7%
The manufacturing sector accounted for 82.7% of internal exploit attempts, demonstrating the significant risks posed by OT systems and internal network vulnerabilities, especially through lateral movement and persistence techniques.
Building icon representing industrial facilities
80%
While certain malware exploits such as trojans and ransomware are well-known and documented, the landscape is evolving and innovating at a high rate. Nearly 80% of detected malware in OT networks was classified as "Unknown," underscoring the growing challenge of identifying and mitigating novel or evolving threats.

Securing Your Infrastructure

As your attack surface expands, build a layered, resilient security framework that scales with the growth of risks.

Dig into the Report

Take an Ultimate Test Drive (UTD)

Experience our OT security solutions firsthand with a guided test drive.

Test It Now

Sign up for Hands On Workshop (HoW)

Join our interactive workshop to master OT security best practices.

Get Hands On

Sign up for Free Trial

Try our comprehensive OT security platform with a no-obligation trial.

Sign Up Now

Additional Resources

Additional Resources

Industrial OT Security icon

Industrial OT Security

Ensure uninterrupted operation of production facilities with industrial OT cybersecurity protection that lets you focus on continued modernization.

Learn More

Advanced Threat Prevention icon

Advanced Threat Prevention

Palo Alto Networks Advanced Threat Prevention is the industry's largest malware prevention engine, stopping highly evasive threats with speed and scale.

Learn More

Machine Learning-Next Generation Firewalls icon

Machine Learning-Next Generation Firewalls

Today's Next-Generation Firewalls provide advanced protection for physical or virtual public and private cloud networks. Learn about our ML-Powered NGFW.

Learn More

Prisma Access icon

Prisma Access

Prisma Access protects hybrid workforces with the superior security of ZTNA 2.0 while providing exceptional user experiences from a unified, cloud-native security product.

Learn More

Advanced Wildfire icon

Advanced Wildfire

Palo Alto Networks Advanced Wildfire is the industry's largest malware prevention engine, stopping highly evasive threats with speed and scale.

Learn More

Cortex Xpanse icon

Cortex Xpanse

Discover and secure digital assets with Cortex Xpanse, automating attack surface management to identify, mitigate, and prevent risks across your connected systems.

Learn More