Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices


Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices.

Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by different nation-backed actors, including attacks by IRGC-affiliated “CyberAv3ngers” in November 2023, as well as pro-Russian hacktivists in early 2024. These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets. OT systems, which control real-world critical processes, present a significant target for cyberattacks.

Read more…
Source: Microsoft


Sign up for our Newsletter


Related:

  • Threat landscape for industrial automation systems. Statistics for H1 2023

    September 13, 2023

    In the first half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from H2 2022 by just 0.3 pp to 34%. That said, he percentage of attacked ICS computers dropped in Q1 2023, but then rose again in Q2 2023, reaching highest quarterly figure since 2022 – 26.8%. Read more… Source: Kaspersky  

  • CISA Releases Three Industrial Control Systems Advisories

    September 12, 2023

    CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-255-01 Hitachi Energy Lumada APM Edge ICSA-23-255-02 Fujitsu Software Infrastructure Manager Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • CISA Releases Four Industrial Control Systems Advisories

    September 7, 2023

    CISA released four Industrial Control Systems (ICS) advisories on September 7, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-250-01 Dover Fueling Solutions MAGLINK LX Console ICSA-23-250-02 Phoenix Contact TC ROUTER and TC CLOUD CLIENT Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • CISA Releases Two Industrial Control Systems Advisories

    September 5, 2023

    CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

  • Rockwell Automation Integer Overflow Vulnerability

    September 1, 2023

    Rockwell Automation’s ThinManager is designed for managing thin clients, mobile devices, cameras, and industrial devices. Comprising both client and server components, the client facilitates device configuration while the server handles data transfer and client requests. To maintain data consistency across the system, ThinManager servers synchronize using messages sent via port TCP/2031. These messages, based on a ...

  • CISA Releases Four Industrial Control Systems Advisories

    August 31, 2023

    CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-243-01 ARDEREG Sistemas SCADA ICSA-23-243-02 GE Digital CIMPLICITY Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency