IN THE NEWS
OT & IoT Security News
Edgard Capdevielle, CEO at Nozomi Networks, also sees the US Treasury advisory as a reminder of the ever-increasing importance of a preventive security program and a robust backup system as an alternative to paying ransoms: “Ransomware attacks and other cyberthreats will remain constant as our personal lives and business operations continue to digitalize. That’s why choosing to pay a ransom is too often a short-sighted response that could come at a high cost…”
Andrea Carcano is the co-founder of Nozomi Networks, and claimed in the face of a global pandemic, IoT connections are empowering a level of remote work like none before. “We’ve seen industrial operators go from a single digit percentage of their workforce working remotely, to 52% and higher,” he said. “This deluge of internet-connected devices opens the door to a whole slew of new vulnerabilities and creates a much large attack surface.” He claimed NCSAM is a good time to remember that it doesn’t have to take a catastrophe to spur change.
Edgard Capdevielle, CEO of Nozomi Networks, said ransomware attacks were increasing in volume and sophistication, and that to give in to them only fuelled the fire.
According to Andrea Carcano, co-founder of IT/OT security provider Nozomi Networks, transportation organizations are rapidly evolving to improve their service levels and efficiency. As the same time, safety has never been more important, as risks from cyber threats increase.
Andrea Carcano, co-founder of Nozomi Networks, described the level of system visibility and cybersecurity maturity in the shipping sector as “relatively low. The maritime industry in particular transports 90% of the world’s trade, and like other industries, is becoming increasingly connected, automated and remotely monitored,” said Carcano.
Securing IoT networks requires a combination of purchasing products that are secure by design, and taking a holistic approach to security, Andrea Carcano, Co-founder of operational technology (OT) and IoT security firm Nozomi Networks, told TechNewsWorld.
According to Nozomi Networks co-founder Andrea Carcano, what happened in the US must be seen as a warning. “It’s a reminder that threat actors are lurking,” he explains. “As our global pandemic forces more remote work scenarios and as maritime organizations modernise and embrace digitalisation, they must take steps to prevent and defend against cyber threats.”
“The ransomware attack against IPG Photonics highlights a concerning trend,” Andrea Carcano, co-founder of operational technology and “internet of things” security company Nozomi Networks Inc., told SiliconANGLE. “Attackers are demanding higher ransoms and targeting larger and more critical organizations. These threats should be a serious concern for security professionals responsible for keeping not only IT, but OT and IoT networks safe.”
According to MITRE, there are currently 139 CNAs across 24 countries. One of the latest additions is OT and IoT security solutions provider Nozomi Networks, which can assign CVEs to flaws found in its own products and third-party industrial and IoT products that are not covered by a different CNA.
As a CNA, the company will be able to assign CVE identifiers to vulnerabilities found in its own products or in third-party IoT and industrial products that are not covered by another organization.
The CVE Program, sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE, is the de facto international standard for identifying and naming cybersecurity vulnerabilities that leave systems open to attack.
The remote access genie is certainly out of the bottle and it will never return to the same state as before the pandemic. How Australian tech and security leaders react and adapt will be a telling point on how the country survives and competes in an enhanced digital economy.
“This is the tip of the iceberg,” said Chris Grove, technology evangelist for Nozomi Networks, which produces monitoring and risk mitigation software for industrial control systems and IoT networks. “They were trying to ransom $5 million or $6 million but were planning to steal a half billion in data from Tesla.”
“Evidence suggests that [Maze] operates under an affiliate model, which explains the diversity in its targets as well as the heterogeneity in TTPs employed to successfully compromise its victims,” said Andrea Carcano, co-founder of Nozomi Networks. “While originally spread through exploit kits and emails with malicious attachments, it has evolved to follow new trends and recently began to be deployed post-compromise. The post-compromise deployment approach gives the attackers time to perform lateral movement in the network and maximize the potential impact by exfiltrating and encrypting specific assets.”
As organizations’ IT, OT and physical systems become more interconnected, critical infrastructure organizations must implement a holistic approach to securing these cyber-physical systems. It should not take a cyberattack or crisis to spur change. Now is the time to take these steps to achieve a holistic approach.
Andrea Carcano and Chris Grove examine the growing significance of cybersecurity to automated manufacturing.
“If you notice an attack going on, it’s already too late,” said Andrea Carcano, co-founder of Nozomi Networks, which provides web security services for utilities and other industries. Nozomi estimates that grid attacks have increased 35% since Americans began quarantining. That correlates with more electric-sector employees working from home.
Andrea Carcano, co-founder of Nozomi Networks, believes the trend of threatening to publish stolen files in “an attempt to gain leverage” will “unfortunately” continue, pointing to findings in the Nozomi OT/IoT Security Report.
A 2018 ACS report predicted that 25 per cent of attacks on businesses would involve IoT devices by this year – and the prediction was recently validated by a Nozomi Networks analysis that found cybersecurity threats against OT targets had surged in the first half of this year.
The second report this week, from Nozomi, showed that shadow IoT devices present a threat not just to the corporate network but to the OT environment as well. According to Nozomi, IoT botnets were one of the fastest-growing threats to operational networks in the first half of 2020 because of the proliferation of IP-connected devices.