DomCII/OTAttackers infiltrate IT-Based Networks before transitioning to ICS/OT Systems

Attackers infiltrate IT-Based Networks before transitioning to ICS/OT Systems

Objavljeno na

spot_img

Attacks on industrial control systems and operations technology systems are on the rise, with cyber adversaries exploiting vulnerabilities in IT networks to infiltrate OT networks, as revealed in a recent report published by SANS.

Based on input from cybersecurity experts across critical infrastructure sectors, the State of ICS/OT Cybersecurity 2024 report underscores a concerning trend. The findings show that there have been more non-ransomware incidents (74.4%) compared to ransomware attacks (11.7%) over the past year.

Various initial attack vectors were identified in OT/ICS incidents, including the compromise of OT and industrial control systems through external remote services (23.7%) or internet-accessible devices (23.7%). Additionally, attacks were carried out via employee workstations (20.3%), removable media (20.3%), and supply chain compromises (20.3%). Alarmingly, 18.6% of respondents reported attackers resorting to spear phishing with email attachments for the initial breach.

Interestingly, 19% of respondents reported experiencing one or more security incidents within the past year, indicating the widespread nature of cyber threats targeting industrial systems.

Even though only 12% of respondents reported being victims of ransomware attacks in the previous 12 months, the impact on ICS/OT environments is described as “potentially catastrophic” by SANS. Among the organizations affected by ransomware, 38% reported impacts limited to IT network systems, while 28.6% said their OT and ICS networks were compromised. A smaller percentage, 21%, noted impacts on both networks. Moreover, 38.1% stated that reliability and safety were compromised during these attacks.

SANS emphasized the severity of ransomware attacks, noting that while the overall trend may be decreasing, the potential consequences remain significant and should be a key consideration for all incident response programs tailored to ICS/OT environments.

The escalating threat landscape targeting industrial systems underscores the need for robust cybersecurity measures and proactive defenses to safeguard critical infrastructure. As cyber adversaries continue to evolve their tactics, organizations must prioritize cybersecurity readiness and resilience to mitigate the impact of cyber attacks on industrial control systems and operations technology.

Link na izvor

Najnoviji članci

How Russian Influence Could Have Altered the U.S. Election Results

In the final days of the 2024 U.S. presidential election campaign, Russian efforts to...

Chinese hackers accessed extensive collection of American cellphone records – POLITICO

Chinese hackers were able to infiltrate a vast amount of Americans' cell phone records,...

Nokia data surfaced in the Darknet | CSO Online

Nokia is currently investigating a potential breach after a hacker claimed to have stolen...

Impact of outages on Washington state courts due to unauthorized activity detected on network

A cyber intrusion has caused widespread outages in court systems across the state of...

Još ovako

How Russian Influence Could Have Altered the U.S. Election Results

In the final days of the 2024 U.S. presidential election campaign, Russian efforts to...

Chinese hackers accessed extensive collection of American cellphone records – POLITICO

Chinese hackers were able to infiltrate a vast amount of Americans' cell phone records,...

Nokia data surfaced in the Darknet | CSO Online

Nokia is currently investigating a potential breach after a hacker claimed to have stolen...
hrCroatian