Grow Your Business and Join MarketWorld Marketplace and Create Your Own Store front

Sunday, September 8, 2024

HomeCyberSecurityCyber risk is rising for poorly configured OT devices
CyberSecurity

Cyber risk is rising for poorly configured OT devices

David Jones
By David Jones
0
18

Dive Brief:

  • Following months of attacks against water and wastewater treatment systems, researchers are warning about a much wider risk of malicious activity due to internet-exposed devices at industrial sites across the U.S. 
  • State-linked and politically motivated threat groups have escalated attacks against drinking water and wastewater treatment sites in the U.S. since late 2023, mainly by targeting poorly secured devices that relied on outdated software or default passwords.
  • “The attacks conducted by OT-focused actors were not limited to public sector facilities, but also affected private companies in various countries,” Microsoft Threat Intelligence researchers said in a report released on Thursday.

Dive Insight:

The risk goes well beyond the water industry, Microsoft researchers warn, as a range of industries use similar devices, from power plants to heating, ventilation and air conditioning systems. 

The devices interact with a variety of critical functions in OT systems, including temperature control and speed. Some of the earliest of these attacks were led by threat groups affiliated with the Islamic Revolutionary Guard Corp. of Iran. These groups targeted Israeli-made Unitronics programmable logic controllers, which are also widely used in U.S. facilities.

Industrial providers often are using infrastructure that can be anywhere from 10 to 30 years old, which often lack the most basic protections. They are simply not equipped or upgraded enough to manage sophisticated, modern threats. 

“Organizations try to minimize these risks with segmentation, various technologies, and tactics,” said Chris Grove, director, cybersecurity strategy at Nozomi Networks. “As a result, they need more people and budget to monitor, react, and implement necessary mitigation measures, which takes time and long planning cycles.”

The FBI and Cybersecurity and Infrastructure Security Agency joined foreign partner agencies in May warning about pro-Russia threat groups targeting water and other critical infrastructure by manipulating human machine interfaces. 

In late May, Rockwell Automation released an advisory urging customers to disconnect devices from the internet. The advisory cited heightened geopolitical tension, but did not address whether there were any specific threats or attacks linked to the advisory. 


Source link

Bookmark (0)
Please login to bookmarkClose
Previous article
What Is a Digital Creator on Facebook?
Next article
OpenAI, Anthropic and Google DeepMind workers warn of AI’s dangers
David Jones
David Jones
RELATED ARTICLES
- Advertisment -spot_img

Most Popular

Load more

Sponsored Business

- Advertisment -spot_img

EDITOR PICKS

POPULAR POSTS

POPULAR CATEGORY

Market World’s portal of services include news, marketing, development and ecommerce. We strive to meet the needs and provide high value for all visitors and customers. We offer digital services for small, mid-sized and large enterprise platforms. We treat our customers as partners and offer the tools and services for growth and success for your journey.

Become a Market World Entrepreneur

FOLLOW US              

© 2022 Market World LLC. All rights reserved