The recently published IBM X-Force Threat Intelligence Index 2020 pointed out that over 8.5 billion records were compromised in 2019, a figure that’s more than 200 percent greater than the number of records lost in 2018. It also determined that scanning and exploitation of vulnerabilities have increased from just 8 percent of attacks in 2018 to nearly one-third, closing in on phishing as the most common attack vector.
So far, this seems to be business as usual with no real surprises for security professionals. But there is one point in the report that stands out: the dramatic increase in targeted attacks on industrial control systems (ICS).
Industrial Control Systems Systematically Targeted in 2019
Industrial control systems and similar operational technology (OT) are computing devices that control physical assets. For example, pipelines valves, milling machines, conveyor belts and even train, ship or airplane systems.
IBM X-Force data indicates that events in which threat actors targeted ICS and OT assets increased over 2,000 percent since 2018. In fact, the number of events targeting OT assets in 2019 was greater than the activity volume observed in the past three years combined. Most of the events observed used a combination of known vulnerabilities within supervisory control and data acquisition (SCADA) and ICS hardware components, as well as brute-force login tactics such as password-spraying attacks.
Converging Legacy Tech Attracts Attacks on Infrastructure
The convergence of IT and OT systems means the logical and physical connection between “classical” IT systems and computer controllers that operate physical assets. This connection has become important for automating processes, optimizing delivery chains and centralizing the control of complex proces ..
Support the originator by clicking the read the rest link below.
