Subscribe to our Newsletter!
By subscribing to our newsletter, you agree with our privacy terms
Home > Cybersecurity > Attacks on OT systems are becoming more frequent
June 10, 2021
Contrary to what one might imagine, OT systems are falling victim to unsophisticated attacks. This has made cybercriminals’ actions against critical infrastructure significantly more frequent in recent years, according to a survey conducted by Mandiant, FireEye’s intelligence unit that studies threats and incident response, recently acquired by Symphony Technology Group.
Unlike IT systems that deal with information, its flows, and processing, OT systems work with machines and their control processes. They are seen as more complex, requiring a lot of resources and time when their operations are interrupted for some reason. However, Mandiant Threat Intelligence has observed that attacks on these systems are being conducted by attackers with varying skill levels and widely used IT tools and techniques.
The attackers seem to be driven by financial, ideological motivation or just to gain notoriety. They target a broad spectrum of supposedly vulnerable Internet-connected OT systems used in different solutions, such as solar power panels, water consumption control, building automation, and home security. What seems to be changing since Mandiant started monitoring this type of activity in 2012 is the significant growth in the frequency of incidents in recent years.
The most common current activity involves extortion, but also sharing knowledge and expertise to exploit widely known tactics, techniques, and procedures and widely used tools to access, interact with or collect information from exposed assets on the Internet. This was seen very little in the past, the study said.
The breaches most frequently exploited by unsophisticated attacks are unsecured remote access services and also graphical human-machine interfaces, as they are a friendly representation that, when malicious, can lead the user to trigger the operations desired by the attackers.
According to Mandiant, protection against unsophisticated lures can be implemented from awareness of unsafe exposure of assets and data and good security practices such as:
November 25, 2022
November 14, 2022
November 03, 2022
October 18, 2022
October 13, 2022
October 05, 2022
September 19, 2022
Previous
REvil attacks US nuclear adviser
Next
Compromised password results in Pipeline attack, says expert