Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Volume of Attacks on IoT/OT Devices Increasing: Microsoft Study

The volume of attacks on IoT and OT devices is increasing and in many cases these systems were specifically targeted by threat actors, according to a new study commissioned by Microsoft.

The volume of attacks on IoT and OT devices is increasing and in many cases these systems were specifically targeted by threat actors, according to a new study commissioned by Microsoft.

Forty-four percent of the more than 600 respondents who took part in a survey said their organization experienced a cyber incident that involved an IoT or OT device in the past two years. Thirty-nine percent said such a device was the target of the attack and 35% said the device was leveraged to conduct a broader attack — this includes lateral movement, detection evasion and persistence.

IoT and OT devices may be specifically targeted by attackers with the intent to cause disruption. One example provided by Microsoft involves human-operated ransomware attacks that disrupt production in an organization.

Half of respondents said the volume of attacks against IoT/OT devices in their organization “increased” or “significantly increased” in the past 12 to 24 months. Moreover, only less than 20% of respondents believe the volume of attacks will decrease in the upcoming period.

Many organizations are still not confident in their ability to protect their systems. Only less than one-third of the respondents who contributed to the Microsoft study said their organization has a complete inventory of devices, and 42% don’t have the ability to detect vulnerabilities affecting IoT and OT devices.

Moreover, 61% have low or average confidence when it comes to identifying compromised systems, and nearly half still mainly rely on manual processes to identify and correlate impacted devices.

Microsoft’s study also confirms that industrial systems are in many cases not isolated from the internet or the IT network. Roughly half of respondents said their OT network is connected to the corporate IT network, and 56% admitted that their OT network is directly connected to the internet.

While 55% of respondents believe IoT and OT products are not secure by design, 47% are relying on the manufacturer to secure these devices.

Advertisement. Scroll to continue reading.

The report released by Microsoft is based on a survey of 615 IT, IT security, and OT security practitioners across the United States, conducted by the Ponemon Institute.

A survey conducted recently by Ponemon for industrial cybersecurity firm Dragos showed that some companies reported that the total cost of an ICS/OT incident exceeded $100 million.

Related: Engineering Workstations Are Concerning Initial Access Vector in OT Attacks

Related: Water Sector Security Report Released Just as Another Water Plant Hack Comes to Light

Related: Over 90% of OT Organizations Experienced Cyber Incidents in Past Year: Report

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

DARPA veteran Dan Kaufman has joined Badge as SVP, AI and Cybersecurity.

Kelly Shortridge has been promoted to VP of Security Products at Fastly.

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.