"OT/IoT Malware Surges Tenfold in First Half of the Year"

According to security researchers at Nozomi Networks, malware-related cyber threats in operational technology (OT) and Internet of Things (IoT) environments jumped tenfold year-on-year in the first six months of 2023. Among malware categories, denial-of-service (DoS) activity remains one of the most prevalent attacks against OT systems, followed by remote access trojans (RATs), which attackers commonly use to establish control over compromised machines. In IoT network domains, distributed denial-of-service (DDoS) attacks are the top threat. The researchers stated that malicious IoT botnets remain active this year as threat actors continue to use default credentials in attempts to access chained IoT devices. Trojans, "dual use" malware, and ransomware were among the most commonly detected alerts across OT and IoT environments, with phishing a common vector for stealing information, establishing initial access, and deploying malware. Poor authentication and password hygiene topped the list of most prolific threats for the period, despite alerts declining by 22% YoY. However, network anomalies and attacks were up 15%, and access control and authorization threats surged 128%. The manufacturing, energy, healthcare, water, and wastewater sectors were hardest hit, alongside the public sector. Water treatment organizations experienced a large number of generic network scans, while oil and gas facilities suffered OT protocol packet injection attacks. The researchers noted that "the number of OT/IoT vulnerabilities remains high, with 643 published during the six months, while Nozomi's honeypots detected an average of 813 unique attacks daily."

 

Infosecurity reports: "OT/IoT Malware Surges Tenfold in First Half of the Year"
