Nozomi Networks Labs Report: Wipers and IoT Botnets Dominate the Threat Landscape - Manufacturing and Energy at Highest Risk
In the first half of 2022, the Russia/Ukraine war, increasing numbers of connected devices, and threat actor IoT botnets had the biggest impact on the ICS threat landscape
SAN FRANCISCO, Aug. 03, 2022 (GLOBE NEWSWIRE) -- The latest OT/IoT security report from Nozomi Networks Labs finds wiper malware, IoT botnet activity, and the Russia/Ukraine war impacted the threat landscape in the first half of 2022.
Since Russia began its invasion of Ukraine in February 2022, Nozomi Networks Labs researchers saw activity from several types of threat actors, including hacktivists, nation-state APTs, and cyber criminals. They also observed the robust usage of wiper malware, and witnessed the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.
Additionally, in the first half of 2022, malicious IoT botnet activity was on the rise and growing in sophistication. Nozomi Networks Labs set up a series of honeypots to attract these malicious botnets and capture their activity in order to provide additional insights into how threat actors target IoT. In this research, Nozomi Networks Labs analysts uncovered growing security concerns for both hard-coded passwords and internet interfaces for end-user credentials. From January to June 2022, Nozomi Networks honeypots found:
On the vulnerability front, manufacturing and energy continue to be the most vulnerable industries followed by healthcare and commercial facilities. In the first six months of 2022:
“This year’s cyber threat landscape is complex,” said Roya Gordon, Nozomi Networks OT/IoT Security Research Evangelist. “Many factors including increasing numbers of connected devices, the sophistication of malicious actors, and shifts in attack motivations are increasing the risk for a breach or cyber-physical attack. Fortunately, security defenses are evolving too. Solutions are available now to give critical infrastructure organizations the network visibility, dynamic threat detection, and actionable intelligence they need to minimize risk and maximize resilience.”
Nozomi Networks’ “OT/IoT Security Report” provides security professionals with the latest insights needed to re-evaluate risk models and security initiatives, along with actionable recommendations for securing critical infrastructure. This latest report includes:
About Nozomi Networks