IoT/OT Network Adversaries Advance Amidst Bug Barrage

Cyberattacks on critical infrastructure targeting IoT and OT networks are increasing in sophistication, while ICS vulnerabilities surge, new data shows.


New telemetry data from Internet of Things and operational technology networks brings into sharp focus the risks associated with IoT and OT installations: These networks are subject to highly sophisticated attacks while, in tandem, the volume of vulnerabilities associated with each explodes. Consequently, IoT and OT networks pose even greater risks than generally acknowledged.

Data from the last half of 2023 analyzed by Nozomi Networks showed the largest portion of threats to IoT and OT networks were network anomalies and attacks, with sophisticated tactics like TCP flood and network scans being most popular, the company said in a new report.

"These trends should serve as a warning that attackers are adopting more sophisticated methods to directly target critical infrastructure, and could be indicative of rising global hostilities," Chris Grove, director of cybersecurity strategy at Nozomi Networks, said in a statement about the new data. "The significant uptick in anomalies could mean that the threat actors are getting past the first line of defense while penetrating deeper than many would have initially believed, which would require a high level of sophistication."

Meanwhile, tried-and-true IoT and OT cyberattack approaches like access control and authorization threats, including brute force and multiple login attacks, were up too — by 123%.

A bit of good news: There was a 12% dip in daily cyberattacks against IoT devices during the last half of 2023.

Vulnerabilities Add to IoT/OT Threat

Piling additional cyber-risk onto IoT and OT network defenders was the mounting number of vulnerabilities affecting industrial control systems (ICS) identified by the Cybersecurity and Infrastructure Security Agency, which rose 38% over the previous six months, the Nozomi Networks analysis added. Manufacturing vulnerabilities dominated the CISA list, with a 230% increase in discoveries over the previous half-year.

Similarly, the number of vendors impacted by CISA-reported ICS bugs was up by 19%.

Grove tells Dark Reading that it's unrealistic to think any network can be 100% secure.

"That's why it's important to focus not only on security defenses but also adopt a post-breach mentality," Grove adds. "To minimize risk and maximize operational resiliency, prioritize strategies that include network segmentation, asset discovery, vulnerability management, patching, logging, endpoint detection, and threat intelligence."

Actionable asset and threat intelligence should also be part of the cyber defense mix, Grove says.

"In an increasingly complex threat landscape, resiliency will be the key to effective defenses," he adds.

About the Author

Becky Bracken, Senior Editor, Dark Reading


Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.
