IoT/OT network adversaries advance amid a barrage of bugs

New telemetry data from Internet of Things and operational technology networks highlights the risks associated with IoT and OT installations: these networks are subject to highly sophisticated attacks while, in parallel, the volume of vulnerabilities associated with them explodes. As a result, IoT and OT networks pose even greater risks than generally recognized.

Data from the last half of 2023 analyzed by Nozomi Networks showed that the majority of threats to IoT and OT networks were network anomalies and attacks, with sophisticated tactics such as TCP Flood and network scans being the most popular, the company said in a new report.

“These trends should serve as a warning that attackers are adopting more sophisticated methods to directly target critical infrastructure, and may be indicative of increasing global hostilities,” said Chris Grove, director of cybersecurity strategy at Nozomi Networks, in a statement on the new data. “The significant increase in anomalies could mean that threat actors are bypassing the first line of defense by penetrating deeper than many would have initially believed, which would require a high level of sophistication.”

Meanwhile, proven IoT and OT cyberattack approaches such as access control and authorization threats, including brute force and multiple access attacks, also increased by 123%.

A bit of good news: In the last half of 2023, there was a 12% decline in daily cyberattacks against IoT devices.

Vulnerabilities add to the IoT/OT threat

Piling further cyber risk on defenders of IoT and OT networks is the growing number of vulnerabilities affecting industrial control systems (ICS) identified by the Cybersecurity and Infrastructure Security Agency (CISA), which increased by 38% in the last six months, the analysis by Nozomi Networks added. Manufacturing sector vulnerabilities dominated the CISA list, with a 230% increase in discoveries compared to the previous six months.

Likewise, the number of vendors affected by ICS bugs reported by CISA increased by 19%.

Grove tells Dark Reading that it’s unrealistic to think that any network can be 100% secure.

“That’s why it’s important to focus not only on security defenses, but also adopt a post-breach mindset,” adds Grove. “To minimize risk and maximize operational resilience, prioritize strategies that include network segmentation, asset discovery, vulnerability management, patching, logging, endpoint detection, and threat intelligence.”

Actionable assets and threat intelligence should also be part of the cyber defense mix, Grove says.

“In an increasingly complex threat landscape, resilience will be key to effective defenses,” he adds.
