Understanding the OT and IoT threat environment
According to PwC’s 2022 Digital Trust Insights Survey, Indian businesses are investing more than ever in cybersecurity. This is a welcome development and points to rising awareness of the need to pay more attention to cybersecurity. However, in addition to improving the budgetary allocation, Indian businesses also need to understand how the OT and IoT threat environment is evolving and what this evolution implies for their cybersecurity posture.
As per the findings of our Threat Landscape Report (TLR) for H1 2021, cyberattacks on India evolved significantly during that period. While in 2020 we saw a rise in cyberattacks, in 2021 we logged significant targeted activity in the country. The emergence of transitionary botnets (i.e., those that went silent after a short period of intense activity) targeting India is a new phenomenon that we are observing, and it has significant ramifications for businesses in the region.
The TLR analysis points to the emergence of a new wave of cyber risks linked to the growing sophistication of the methods hackers and adversarial groups are deploying to target businesses (especially start-ups) in India. In addition to multi-phase probing attacks from temporary botnets, hackers are also offering huge rewards to people who share confidential information on privileges and access credentials.
As pointed out by Sectrio earlier on, Indian businesses are operating in an environment that permits a low geopolitical threshold for cyberattacks. APT groups are using sporting events to ramp up OT and IoT-focused cyberattacks on businesses, government, and critical infrastructure in India.
Indian start-ups and manufacturers are being targeted extensively. New IoT projects that are running multiple proof-of-concept evaluations without adequate cybersecurity are being targeted by hackers. In addition, manufacturing plants that are running converged networks are reporting a rise in cyberattacks.
Indian businesses need to pay attention to these four areas when it comes to OT and IoT cybersecurity.
- Threat intelligence: having the right threat intelligence data can mean the difference between a threat being detected or missed. Contextually relevant and impactful threat intelligence is the key to early detection of threats.
- Vulnerability management: OT and IoT networks can have multiple vulnerabilities arising from devices that have not been tested for vulnerabilities, unpatched devices, and networks with open ports that may be leaking data or serving as entry points for hackers.
- Control the expansion of threat surfaces: minimize the threat surfaces available for hackers to exploit.
- Keep tabs on network activity: security teams should be aware of what is going on in their networks.
Sectrio is offering a free threat assessment session and free threat intelligence feeds on trial for 15 days. Don’t forget to use this opportunity to improve your cybersecurity posture and to deter hackers.