Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices


Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices.

Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the past months by different nation-backed actors, including attacks by IRGC-affiliated “CyberAv3ngers” in November 2023, as well as pro-Russian hacktivists in early 2024. These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets. OT systems, which control real-world critical processes, present a significant target for cyberattacks.

Read more…
Source: Microsoft


Sign up for our Newsletter


Related:

  • Infrastructure Software Vulnerabilities Raise Concern Among Cybersecurity Experts

    June 9, 2017

    Vulnerabilities in software that automates everything from factories to traffic lights has become the nation’s top cybersecurity threat, an agent on the FBI’s Denver Cyber Task Force said Thursday in Colorado Springs. Supervisory control and data acquisition software is used to control — sometimes remotely — many types of devices in the energy, transportation, manufacturing and ...

  • Honeywell Process Solutions to establish cybersecurity center of excellence in Singapore

    June 8, 2017

    Honeywell Process Solutions (HPS; Houston; www.honeywellprocess.com), with the support of the Singapore Economic Development Board (EDB), will  establish a new industrial cybersecurity center of excellence (COE) for Asia Pacific in Singapore. The COE will feature a state-of-the-art cybersecurity research and development lab, an advanced training facility and a security operations center that provides managed security ...

  • Industrial cyber security – Securing Operational Technology 101

    May 26, 2017

    It would be fair to say that cyber security is at the top of most businesses’ list of concerns. The increased emphasis on IT and technology – every company is a technology company today, after all – has made it this way. Technology and data have become so deeply entrenched in many organisations that if it ...

  • Deloitte and Dragos Partner on Industrial Cybersecurity

    May 9, 2017

    The industrial control system cybersecurity space continues to attract new investments, partnerships and companies. To say that the industrial cybersecurity industry has changed dramatically over the past few years would be a major understatement—not only because the changes have been so significant, but because the evolution is still underway. Just in the past few months we’ve ...

  • Factory Robots Are Easy to Hack, Researchers Show

    May 3, 2017

    In perhaps one of the scariest findings in recent months, researchers have discovered that factory robots can easily be hacked. This, of course, could have grave effects on entire industries and pose safety issues. Cybersecurity firm Trend Micro found that numerous factory robots have a weak network security, using simple combinations of username and passwords that ...