In the first half of 2023, operational technology (OT) and Internet of Things (IoT) environments saw a tenfold surge in malware-related cyber-threats compared to the previous six months, according to Nozomi Networks. The security vendor’s Nozomi Networks Labs OT & IoT Security Report drew on a combination of industrial control systems (ICS) vulnerabilities, data gathered from IoT honeypots, and analysis of attack trends within OT ecosystems.
Denial-of-service (DoS) attacks emerged as a predominant threat against OT systems, followed closely by remote access trojans (RATs) used by attackers to gain control over compromised machines. Malicious IoT botnets remained a persistent risk, exploiting default credentials to target interconnected IoT devices.
The report highlighted the prevalence of trojans, “dual use” malware, and ransomware as commonly detected threats in both OT and IoT environments. Phishing attacks were a frequently employed vector for data theft, initial access, and malware deployment.
Additionally, new iterations of the 2016 Mirai botnet were uncovered, contributing to the evolving threat landscape. Despite a 22% reduction in alerts related to poor authentication and password practices, network anomalies and attacks increased by 15%, while access control and authorization threats surged by an alarming 128%.
Industries such as manufacturing, energy, healthcare, water, wastewater, and the public sector were particularly vulnerable to these escalating threats. Notably, water treatment facilities faced an influx of generic network scans, while oil and gas installations encountered targeted attacks involving OT protocol packet injections.
The report underscored the persistent challenges posed by OT and IoT vulnerabilities, as evidenced by the publication of 643 vulnerabilities within the six-month period. Nozomi Networks’ honeypots detected an average of 813 unique attacks daily, emphasizing the pressing need for heightened security measures and comprehensive threat mitigation strategies.