Page 29 - Cyber Defense eMagazine July 2024

Recent Attacks

            Late 2023 saw a surge in cyberattacks on OT devices, especially those developed by Israeli companies,
            often linked to groups affiliated with Iran. In 2024, the Blackjack hacking group deployed destructive
            malware called Fuxnet against a Russian company, damaging filesystems and hardware components.



            Where is This Happening?

            Cyberattacks on OT devices are a global issue with significant incidents reported in:

               •  North America and Europe: Pro-Russia hacktivists have targeted Industrial Control Systems
                   (ICS).
               •  Israel: There has been an increase in attacks on OT assets developed by Israeli companies.
               •  Russia: Industrial control systems have faced destructive malware attacks.



            How is This Happening?

            Several factors facilitate these cyberattacks on OT devices:

            Weak Security Mechanisms: Many OT systems lack robust security measures, making them vulnerable
            to exploitation through internet scanning tools.

            Outdated Software: OT devices often run on outdated software with known vulnerabilities, making them
            easy targets for cyberattacks.

            Weak Passwords: Poor password management practices provide an easy entry point for attackers to
            gain unauthorized access.

            Lack of Network Segmentation: Inadequate network segmentation allows attackers to move laterally
            within compromised networks, escalating the extent of damage.



            How Was It Missed?

            The vulnerabilities in OT systems have often been overlooked due to several reasons:

            Legacy Components: Many OT systems use legacy components that are difficult to update and secure,
            leaving them vulnerable to modern threats.

            Operational Priorities: OT environments traditionally prioritize safety, reliability, and process continuity
            over security, leading to delayed patching and updates.

            Convergence with IT Systems: The increasing integration of IT and OT systems has expanded the attack
            surface, complicating the task of securing all components.






            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.