Critical manufacturing vulnerabilities experienced a 230% surge in just six months
Operational technology (OT) and Internet of Things (IoT) environments are facing heightened threats from increasingly sophisticated actors, warns a recent report by Nozomi Networks. Covering the second half of 2023, the report, titled "Assessing the Threat Landscape," utilizes data from honeypots, customer environments, and third-party sources.
During this period, 885 new ICS-CERT vulnerabilities were disclosed, affecting 74 vendors. The "critical manufacturing" sector experienced the most significant impact, with related Common Vulnerabilities and Exposures (CVEs) surging by 230% to 621 for the six-month period. Energy (75), waste and wastewater (37), and commercial facilities (31) ranked as the top three affected sectors.
This spike in vulnerabilities raises concerns as threat actors gain increased opportunities for unauthorized access, data theft, extortion, and sabotage within OT/IoT environments.
The report highlights that "network anomalies and attacks" constituted the largest share (38%) of threats in the second half of 2023. Within this category, "network scans" and "TCP flood" attacks, indicative of Distributed Denial of Service (DDoS) attempts, were the most prevalent.
Authentication and password issues ranked second, comprising 19% of the detected threats during the period. Notably, "alerts on access control and authorization" claimed the third spot at 10%, with a noteworthy 123% increase over the previous reporting period. Within this category, "multiple unsuccessful logins" and "brute force attack" alerts rose by 71% and 14%, respectively.
Nozomi Networks reported that its IoT honeypots faced an average of 712 unique attacks each day during the reporting period. Although there was a 12% decline from the previous six months, the report emphasizes the importance of reinforcing security measures for OT/IoT.
Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, cautioned that these trends indicate attackers adopting more sophisticated methods, potentially signifying escalating global hostilities. He noted that the surge in anomalies might suggest threat actors penetrating deeper into critical infrastructure, highlighting the need for enhanced defenses against evolving attack strategies.
This report coincides with warnings from the US and its allies about Chinese state actors positioning themselves covertly in critical infrastructure sectors, aiming to launch destructive attacks in the event of military conflict.