

A new report released today by industrial cybersecurity firm Nozomi Networks Inc. has warned that there is an alarming surge in malware activity in operational technology and internet of things environments.
The report, "Nozomi Networks Labs OT & IoT Security Report: Unpacking the Threat Landscape with Unique Telemetry Data," is based on telemetry data from OT and IoT environments worldwide, covering a wide variety of use cases and industries. It found that over the last six months, malware-related security threats spiked 10-fold, and activity involving malware and potentially unwanted applications almost doubled.
Among critical threat activities, the report details fluctuations in different areas. Authentication and password issues saw a decline, whereas two categories, network anomalies and attacks, and access control and authorization, saw a considerable increase.
In terms of malware, denial-of-service activity was found to remain prevalent against OT systems. Remote access trojan attacks followed DoS attacks and are noted as being used to establish control over compromised machines. In IoT network domains, the report found that distributed denial-of-service attacks continue to be a top threat.
The Nozomi Networks researchers ran IoT honeypots to gather data for the report, finding ongoing security concerns with malicious IoT botnets. From January through June, Nozomi Networks honeypots recorded an average of 813 unique attacks daily, with the highest reaching 1,342 on May 1. Brute-force attempts utilizing default credentials were one of the primary techniques used by threat actors to gain access to IoT devices.
Regarding exposure to vulnerabilities, the manufacturing, energy, and water and wastewater sectors were found to be the most susceptible. The food, agriculture and chemical sectors also moved into the top five in terms of exposure to vulnerabilities, replacing transportation and healthcare, which had previously been in the top five most vulnerable sectors in the reporting period.
“There’s good news and bad news in this latest report,” Chris Grove, Nozomi Networks’s director of cybersecurity strategy, said ahead of the report’s release. “A significant decrease in activity per customer in categories such as authentication and password issues and suspicious or unexpected network behavior suggests that efforts to secure systems in these areas may be paying off. On the other hand, malware activity increased dramatically, reflecting an escalating threat landscape. It’s time to ‘put the pedal to the metal’ in shoring up our defenses.”