Attacks on critical infrastructure accelerating
Cyber threats facing industrial and critical infrastructure have grown to an all-time high as critical infrastructure providers accelerate their digital transformation, according to Nozomi Networks.
New research from the OT and IoT security company found that the recent high-profile SolarWinds-based attacks are just scratching the surface of the expanded threat landscape.
Supply chain threats and vulnerabilities show no signs of slowing, with the SolarWinds attack alone infecting thousands of organisations including government agencies and critical infrastructure providers, the report states. The attack also demonstrates the massive potential for attack via supply chain weaknesses.
But ransomware activity continues to dominate the threat landscape, with attacks growing in sophistication and persistence, and threat actors exfiltrating data and deeply compromising networks for future nefarious activities in addition to demanding payments.
Meanwhile threat actors are targeting the healthcare sector, with nation states using off-the-shelf red team tools to execute attacks and perform cyber espionage against facilities involved with COVID-19 research.
Analysis of the 151 industrial control system vulnerability alerts published in the last six months found memory corruption errors are the dominant vulnerability type for industrial devices, making them a prime attack vector.
“This report leaves no doubt that the time for action is now,” Nozomi Networks co-founder and CTO Moreno Carullo said.
“The recent Oldsmar, Florida, water system attack and the ongoing SolarWinds investigation are dramatic reminders that the critical infrastructure and other systems that we rely on are vulnerable and at constant risk of attack. Understanding the effectiveness of defences against the emerging threat and vulnerability landscape is vital to success.”
CEO Edgard Capdevielle added that threat actors are taking advantage of greater OT connectivity to create attacks that aim to disrupt operations and threaten the safety, profitability and reputation of enterprises around the globe.
“While threats may be on the rise, the technologies and practices to defeat them are available today. We encourage organisations to act quickly to implement the recommendations in this report,” he said.
“It’s never been more important or more possible to take the necessary steps to detect and defend critical infrastructure and industrial operations.”
The Australian Government has been responding to the threat facing critical infrastructure providers with the Department of Home Affairs’ Protecting Critical Infrastructure and Systems of National Significance reforms.
Transport for NSW has warned that some of its data was stolen in December's attack on the...
Cybersecurity services company CyberCX and AustCyber have launched a platform designed to track...
Nearly three-quarters of Australian organisations faced a phishing attack in 2020 with 60% facing...