World’s Critical Infrastructure Suffered 13 Cyber Attacks Every Second in 2023 – Security Today

author
2 minutes, 14 seconds Read

World’s Critical Infrastructure Suffered 13 Cyber Attacks Every Second in 2023

In the last year, the world’s critical infrastructure – the medical, power, communications, waste, manufacturing, and transportation equipment that connects people and machines – has been under near-constant attack. Forescout Research – Vedere Labs recorded more than 420 million attacks between January and December 2023. That is 13 attacks per second, a 30% increase from 2022.

Forescout, a global cybersecurity provider, unveiled the global findings of recorded attacks in its Adversary Engagement Environment (AEE) in the new report, “2023 Global Threat Roundup.” The AEE is maintained by Vedere Labs, a leading global team dedicated to uncovering vulnerabilities in and threats to critical infrastructure.

Despite the formidable challenges posed by the ongoing surge in cyber-activity, there is an optimistic path forward. Elisa Costante, VP of Research at Forescout Research – Vedere Labs, highlights the potential for positive change, stating, “While it’s true that current efforts have fallen short in fully harnessing crucial technology to fortify critical assets and assess risks, there is an opportunity for improvement.”

Here are the top five insights from Forescout Research:

1. Not Yet Dormant: Log4j Dampens Software Library Exploits

Exploits against software libraries are witnessing a decline due to the waning popularity of Log4j exploits. This lull has given rise to a surge in exploits targeting network infrastructure and Internet of Things (IoT) devices.Among the IoT landscape, the spotlight falls on IP cameras, building automation systems, and network-attached storage, emerging as the most sought-after targets for malicious actors.Only 35% of exploited vulnerabilities made an appearance in the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) list. This divergence emphasizes the need for a proactive and comprehensive approach to cybersecurity, transcending reliance on known vulnerability databases.

2. OT Protocols Bear the Brunt

Operational Technology (OT) finds itself under relentless assault, with five key protocols bearing the brunt of persistent attacks. The primary targets include protocols used in industrial automation and power sectors, such as Modbus, subject to a staggering one-third of all attacks, closely followed by Ethernet/IP, Step7, and DNP3, each accounting for approximately 18% of the onslaught. IEC10X rounds out this list with 10% of attacks, leaving the remaining 2% distributed among various protocols, with BACnet emerging as the majority.Building automation protocols, such as BACnet, experience less frequent scans. However, the relative scarcity of scans belies an alarming trend—targeted exploits against vulnerabilities in building automation devices are more prevalent.

3. Post-Exploitation Tactics Shift

Persistence tactics mark a 50% surge from 3% in 2022, along with discovery (roughly 25%) and execution (the other roughly 25%). While most observed commands used by threat actors remain targeted at generic Linux systems, a notable trend involves specific commands executed for network operating systems found on widely used routers.

This post was originally published on the 3rd party site mentioned in the title of this this site

Similar Posts