Pervasive OT & IoT Network Anomalies Raise Red Flags as Threats to Critical Infrastructure Become More Sophisticated
Network anomalies and attacks are the most prevalent threat to OT and IoT environments, according to new research from Nozomi Networks Labs
SAN FRANCISCO, Feb. 8, 2024 /PRNewswire/ -- The latest Nozomi Networks Labs OT & IoT Security Report released today finds that network anomalies and attacks were the most prevalent threat to OT and IoT environments. Vulnerabilities within critical manufacturing also surged 230% – a cause for concern as threat actors have far more opportunities to access networks and cause these anomalies.
Real World Telemetry
"Network scans" topped the list of Network Anomalies and Attacks alerts, followed closely by "TCP flood" attacks, which involve sending large amounts of traffic to systems with the aim of causing damage by bringing those systems down or making them inaccessible. The "TCP flood" and "anomalous packets" alert types exhibited significant increases in both total alerts and averages per customer in the last six months, increasing more than 2x and 6x respectively.
"These trends should serve as a warning that attackers are adopting more sophisticated methods to directly target critical infrastructure, and could be indicative of rising global hostilities," said Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks. "The significant uptick in anomalies could mean that the threat actors are getting past the first line of defense while penetrating deeper than many would have initially believed, which would require a high level of sophistication. The defenders have gotten better at protecting against the basics, but these alerts tell us that the attackers are quickly evolving in order to bypass them."
Alerts on access control and authorization threats jumped 123% over the previous reporting period. In this category, "multiple unsuccessful logins" and "brute force attack" alerts increased 71% and 14% respectively. This trend highlights the continued challenge of unauthorized access attempts, showing that problems with identity and access management in OT, along with other challenges associated with user passwords, persist.
Below is the list of top critical threat activity seen in real-world environments over the last six months:
Data from IoT Honeypots
From July through December 2023, Nozomi Networks honeypots found:
Nozomi Networks Labs "OT & IoT Security Report: Assessing the Threat Landscape" provides security professionals with the latest insights needed to re-evaluate risk models and security initiatives, along with actionable recommendations for securing critical infrastructure.
About Nozomi Networks
View original content to download multimedia: https://www.prnewswire.com/news-releases/pervasive-ot--iot-network-anomalies-raise-red-flags-as-threats-to-critical-infrastructure-become-more-sophisticated-302057118.html
SOURCE Nozomi Networks