Monday, October 14, 2024

Increasing Brute Force Attacks Targeting Operational Technology: CISA Warns

Share

- Advertisement -

The US Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms about a surge in cyberattacks on operational technology (OT) and industrial control systems (ICS).

These systems, which are crucial for the functioning of critical infrastructure, are increasingly falling victim to hackers employing brute force tactics to gain unauthorized access.

This warning comes amid a backdrop of growing concerns regarding cybersecurity, particularly in sectors that are vital for public safety, such as water and wastewater management.

Brute Force Attacks on OT Systems

CISA has specifically highlighted that cybercriminals are primarily using basic brute-force methods to target internet-connected devices in OT and ICS environments.

This approach involves attempting to log into systems using default credentials, a strategy that is alarmingly effective. Although CISA refrained from naming specific groups behind these attacks, there are indications that some of these hackers may have links to Russian cyber entities.

Their focus appears to be on infiltrating systems that manage water treatment processes, distribution networks, and pressure controls, which could lead to significant public health risks if compromised.

- Advertisement -

The implications of such breaches are dire; hackers can disrupt water supply systems, which directly affects millions of people.

A successful intrusion into these systems could lead to contamination or interruptions in service, threatening the health and safety of communities.

Rising Frequency of Cyberattacks

This warning from CISA aligns with findings from Fortinet, a prominent cybersecurity firm, which recently conducted a survey involving over 550 professionals in the OT sector worldwide.

The results were striking—73% of respondents reported experiencing cyberattacks this year, a significant jump from 49% in 2023.

The alarming increase indicates a growing trend where cyber criminals are swiftly adapting their tactics to bypass existing security measures, leaving organisations struggling to keep up.

Furthermore, the frequency of these attacks has escalated alarmingly. The survey revealed that 31% of respondents encountered more than six cyber intrusions over the past year.

- Advertisement -

This statistic highlights a stark contrast to the previous year, where only 11% reported a similar experience. It is evident that the threat landscape is evolving, with attackers becoming more aggressive and persistent.

Recommendations for Protection

CISA has urged operators of OT and ICS in critical infrastructure sectors to take proactive measures to secure their systems.

The agency recommends following best practices outlined in the “Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity” article.

Organisations are encouraged to explore CISA’s Secure by Design webpage, which offers valuable insights into secure-by-design principles and practices.

Implementing strong security protocols is paramount. This includes regularly changing default passwords, employing multi-factor authentication, and ensuring that all software and systems are up-to-date with the latest security patches.

By taking these steps, operators can significantly reduce their vulnerability to cyberattacks.

- Advertisement -
Emily Parker
Emily Parker
Emily Parker is a seasoned tech consultant with a proven track record of delivering innovative solutions to clients across various industries. With a deep understanding of emerging technologies and their practical applications, Emily excels in guiding businesses through digital transformation initiatives. Her expertise lies in leveraging data analytics, cloud computing, and cybersecurity to optimize processes, drive efficiency, and enhance overall business performance. Known for her strategic vision and collaborative approach, Emily works closely with stakeholders to identify opportunities and implement tailored solutions that meet the unique needs of each organization. As a trusted advisor, she is committed to staying ahead of industry trends and empowering clients to embrace technological advancements for sustainable growth.

Read More

Trending Now