“We’ve seen that [cyberattack/ransomware] is a fast-growing component accounting for 11% of serious outages. One of the notable features of a ransomware attack is they usually last days, some have lasted weeks. And in a few rare instances, the company involved has never recovered their business, so that does open up a new, very serious category,” Lawrence explained.
The data collected revealed a key point about how cyberattacks are hitting differently today versus several years ago. According to Uptime, most of the control systems used in data centers are now IP-enabled, making them more susceptible to attack—and more likely to be included in an outage. In the past, OT systems, or operational technology, would use their own private serial communications, separate from the corporate network. Network security becomes more critical with IP-enabled OT systems because if bad actors gain access they can shut down operations.
“While the main IP systems have patches that come out on a regular basis to patch security issues, a lot of these equipment chillers, generators, building management systems, and things of that nature don’t get patched that often for security and their security features are typically not that robust or advanced. They typically rely on the network being secure as being the first and main line of defense,” said Chris Brown, chief technical officer at Uptime Institute.
Outage severity is improving
The research firm noted that most operators reported having no or negligible outages in the past three years, meaning the organizations didn’t incur major damages due to the downtime. When asked to classify their outages, 41% said they experienced a negligible outage, which Uptime defined as “recordable outages but little or no obvious impact on services.” Another 32% reported outages defined as minimal, or services disrupted with minimal effect on users/customers/reputation. Less than one-fifth (17%) experienced an outage classified as significant or downtime that resulted in customer/user service disruptions but had minimal or no financial effect and some reputational or compliance impact.
Six percent pointed to serious outages, which included disruption of service or operations, financial losses, compliance breaches, safety concerns, and reputational damage—with customer losses possible. And 4% said they experienced severe outages that resulted in a major or damaging disruption of services or operations. These severe outages include large financial losses and possible safety issues, compliance breaches, customer losses, and reputational damage.
“There is no question that the data seems to show that the outage severity is improving. In other words, a lower proportion falls into that very severe category of serious, or severe that means our financial reputation, or other extreme consequences,” Lawrence explained.