IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks.
According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 percent in 2019 compared to 2018, and most of them involved the Echobot malware.
The number of cyber attacks targeting OT infrastructures in 2019 was the greater even observed.
“OT attacks hit an all-time high. Malicious activity targeting operational technology assets, most notably industrial control systems (ICS), increased 2000 percent year-over-year in 2019, marking the largest number of attempted attacks on ICS and OT infrastructure in three years.” reads the post published by IBM that introduces the report.
In the OT attacks observed by IBM researchers, hackers attempted to exploit a combination of known ICS/SCADA vulnerabilities, as well as password-spraying attacks.
Experts pointed out that ICS attacks that they have observed were part of two specific campaigns carried out by the Xenotime group and by IBM Hive0016 (APT33).
In June 2019, experts from Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack was targeting electric utilities in the US and APAC.
“The overlap between IT infrastructure and OT, such as Programmable Logic Controllers (PLCs) and ICS, continued to present a risk to organizations that relied on such hybrid infrastructures in 2019.” continues the report. “The convergence of IT/OT infrastructure allows IT breaches to target OT devices controlling physical assets, which can greatly increase the cost to recover. “
Experts explained that once attacker gained the first foothold on the target network, they used lateral movement to target ICS systems from inside using simple exploitation techniques.
Fortunately, IBM experts had not seen any Echobot attacks that caused disruptions or other serious problems for the affected systems.
Experts from IBM believe that the number of OT attacks will rapidly increase in the next months.
“X-Force expects that attacks against ICS targets will continue to increase
in 2020, as various threat actors plot and launch new campaigns against
industrial networks across the globe.” concludes IBM.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – OT, Echobot)
[adrotate banner=”5″]
[adrotate banner=”13″]
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
This website uses cookies.