SECURITY
A new report released today by industrial cybersecurity firm Nozomi Networks Inc. has warned that there is an alarming surge in malware activity in operational technology and internet of things environments.
The Nozomi Networks Labs OT & IoT Security Report: Unpacking the Threat Landscape with Unique Telemetry Data was put together based on telemetry data from OT and IoT environments worldwide, covering a wide variety of use cases and industries. The report found that over the last six months, malware-related security threats spiked 10 times and malware and potentially unwanted applications activity almost doubled.
Among critical threat activities, the report details fluctuations in different areas. Authentication and password issues saw a decline, whereas the "network anomalies and attacks" and "access control and authorization" categories saw a considerable increase.
In terms of malware, denial-of-service activity remained prevalent against OT systems. Remote access trojan attacks followed DoS attacks and are noted as being used to establish control over compromised machines. In IoT network domains, distributed denial-of-service attacks continued to be a top threat.
The Nozomi Networks researchers ran IoT honeypots to gather data for the report, finding ongoing security concerns with malicious IoT botnets. From January through June, Nozomi Networks honeypots recorded an average of 813 unique attacks daily, with the highest reaching 1,342 on May 1. Brute-force attempts utilizing default credentials were one of the primary techniques used by threat actors to gain access to IoT devices.
Regarding exposure to vulnerabilities, the manufacturing, energy and water and wastewater sectors were found to be the most susceptible. Food, agriculture and chemical sectors also moved into the top five in terms of exposure to vulnerabilities, replacing transportation and healthcare, which had previously been in the top five most vulnerable sectors in the reporting period.
“There’s good news and bad news in this latest report,” Chris Grove, Nozomi Networks’s director of cybersecurity strategy, said ahead of the report’s release. “A significant decrease in activity per customer in categories such as authentication and password issues and suspicious or unexpected network behavior suggests that efforts to secure systems in these areas may be paying off. On the other hand, malware activity increased dramatically, reflecting an escalating threat landscape. It’s time to ‘put the pedal to the metal’ in shoring up our defenses.”