Critical Manufacturing Vulnerabilities Up 230%: Nozomi Networks

In a new report, Assessing the Threat Landscape, Nozomi Networks warns that threat actors are targeting OT and IoT environments with increased volume and sophistication.

The report notes that during the second half of 2023, CISA released 196 new ICS advisories mentioning 885 old and new vulnerabilities affecting products from 74 vendors, with reported CVEs up 38% and mentioned vendors up 19% compared to the first half of the year.

Notably, the most impacted sector was “critical manufacturing”, with related CVEs surging 230% over the previous six months to 621, while energy (75), waste and wastewater (37) and commercial facilities (31) trailed far behind.

The categories that represented the largest share of threats during the second half of 2023 included:

  • Network anomalies and attacks – 38%
  • Authentication and password issues – 19%
  • Alerts on access control and authorization – 10%

Alerts on access control and authorization threats jumped 123% over the previous reporting period. In this category, ‘multiple unsuccessful logins’ and ‘brute force attack’ alerts increased 71% and 14%, respectively.

“This trend highlights the continued challenges in unauthorized access attempts, showing that identity and access management in OT and other challenges associated with user passwords persist,” the report noted.

This report comes as the FBI, CISA and the NSA warn of threat actors successfully infiltrating US critical infrastructure networks and covertly positioning themselves with the intention of launching destructive attacks in the event of military conflict.

Mark B. Cooper, President & Founder, PKI Solutions, had this comment:

“Attacks focusing on critical infrastructure components secured in OT frameworks highlight a new frontier in cybersecurity concerns. Increasing attacks, both deliberate and indiscriminate, will require organizations to prioritize protections for these systems. The traditional assumption of OT segregation and isolation is not sufficient to defend against modern attacks. The sophistication of both deliberate and indiscriminate attacks will require organizations to have a broader approach to defense and protection of these systems. A modern approach with defense in depth and real time monitoring and alerting is required. You must assume penetration into an OT environment and design systems to withstand attacks from within. Simple walls are no longer sufficient to protect these systems.”


Dave Ratner, CEO, HYAS, follows with this comment:

“As attacks in OT, IoT, and other critical infrastructure environments escalate, the need for proactive intelligence and resilience-based strategies has never been greater. Only by identifying anomalies on the network, in real-time, can we actually escape the continual cat-and-mouse game.”

Once again I’m in the position of having to say that everyone needs to heed these warnings. Because given the threat landscape at the moment, the stakes have never been higher.
