Assaults in opposition to industrial management techniques and operations expertise techniques are growing, as adversaries discover weaknesses in IT networks that enables them to maneuver into OT networks, based on a current report from SANS.
The State of ICS/OT Cybersecurity 2024 report from SANS relies on responses from cybersecurity professionals in varied essential infrastructure sectors. There have been extra non-ransomware incidents (74.4%) reported than ransomware (11.7%) over the previous yr, based on the SANS report.
Different preliminary assault vectors concerned in OT/ICS incidents embrace compromising OT and industrial management techniques by used of exterior distant companies (23.7%) or internet-accessible units (23.7%); compromising worker workstations (20.3%) and detachable media (20.3%); and a provide chain compromise (20.3%). It is value noting that 18.6% respondents mentioned attackers tried spear phishing with an e-mail attachment for the preliminary compromise.
One out of 5, of 19%, of respondents reported a number of safety incidents over the previous yr.
Whereas solely 12% of respondents reported being the targets of ransomware assaults up to now 12 months, the influence on the ICS/OT setting stays “doubtlessly catastrophic,” SANS mentioned within the report. Of the organizations who reported a ransomware incident, 38% mentioned solely IT community techniques had been impacted and 28.6% mentioned OT and ICS networks had been affected. Simply 21% mentioned each networks had been impacted. Greater than a 3rd, or 38.1%, mentioned reliabiiy and security was compromised throughout these assaults.
“Though the general pattern [ransomware] appears to have decreased, the impacts are nonetheless doubtlessly catastrophic, and ought to be thought-about for all ICS/OT- particular incident response packages,” SANS mentioned.
Source link
#Attackers #Breach #ITBased #Networks #Leaping #ICSOT #Techniques
