Site icon TechNewsBoy.com

Microsoft has found a whole load of IoT and industrial cyber flaws

Scott Marlette

Microsoft has identified a huge number of IoT security issues, finding unpatched, high-severity vulnerabilities in 75% of the most common industrial controllers in customer operational technology (OT) networks.

The tech giant’s research also found that 72% of the software exploits utilized by what Microsoft terms “Incontroller” are now available online. 

“Incontroller” is what the Cybersecurity and Infrastructure Security Agency (CISA) describes as a “novel set of state-sponsored, industrial control system (ICS) oriented cyberattack tools”.

What is true scale of the issue?

Microsoft cited recent IDC figures that estimate there will be 41.6 billion connected IoT devices by 2025, a growth rate much higher than that of traditional IT equipment.

However, it claims that the development of IoT and OT device security has not kept pace with that of other IT systems, and threat actors are exploiting these devices.

Microsoft pointed towards Russia’s cyberattacks against Ukraine, as well as other nation-state-sponsored cybercriminal activity, saying these demonstrate that “some nation-states view cyberattacks against critical infrastructure as desirable for achieving military and economic objectives”.

You certainly do not have to look far to see examples of these types of industrial IoT attacks wreaking havoc on all involved.

In May 2021, the Colonial Pipeline ransomware attack disrupted the supply of natural gas in much of the Southern US, causing widespread price rises.

To mitigate these types of risks, Microsoft recommends customers work with stakeholders to map business-critical assets, in IT and OT environments, as well as work to identify what IoT and OT devices are critical assets by themselves, and which are associated with other critical assets.

Microsoft also recommends that organizations perform a risk analysis on critical assets, focusing on the business impact of different attack scenarios.

  • Interested in keeping your organization safe from cyber threats? Check out our guide to the best firewalls

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version