Blog

Specific IoT and OT security predictions for North America for 2023

By |

The year 2023 will see a significant shift in the way cyberattacks are engineered and that is just a start. To help you understand how things will change in 2023, we have distilled our learning from the last 4 years and the threat intelligence gathered from our global threat research facilities into specific points for your understanding.

We would like to place on record these specific IoT and OT security predictions:

  • Cyberattacks on OT networks in North America will be driven by cyberattacks deflected from IoT devices and networks connected with new IoT projects. This is a tricky one. The bad actors are already sitting on many proof-of-concept projects running across sectors such as logistics, renewable energy, and more. Networks hosted by such projects are being breached with the devices converted into zombies to target third-party OT networks for the exfiltration of data and infiltration of malware-laden data traffic
  • Target: immigration systems: case management software handling data and workflows and systems that enable audit trails will be targeted in US and Canada. These attacks will be targeted at disrupting these systems and erasing data
  • Airports will be targeted through on-site connected devices; personal data in ticketing systems will be targeted
  • Incident response will be a clear priority for many organizations in 2023. The focus will be on detecting and containing attacks while ensuring continuity of business and employee and data safety
  • Load on SOC teams will rise: some SOC teams will see a reduction in the number of employees assigned to them as part of downsizing. Hackers could target such SOC facilities through a false positive surge to tie the resources down further before launching the big one.   
  • Reply-phishing attacks using stolen credentials will see a sharp rise in 2023. Non-APT actors will use this tactic extensively to breach corporate networks connected with IoT and OT. Data stolen from cloud email servers or data back-ups hosted on unsecured servers will be used for this purpose 
  • APT groups have been trying to infiltrate defense and space tech supply chains in US and Canada for a while. Component manufacturing companies in South Korea, Taiwan, and Japan could be targeted to gain entry into supply chains connected with military hardware.     
  • Ship-to-shore and Satcom communications for LNG carriers will be targeted on high seas  
  • Oil pipelines continue to be under the radar of hackers
  • Revenge cyberattacks carried out through cyberattacks for hire groups or by hacktivists will rise in 2023 
  • Massive increase in threat surface area due to the addition of more connected systems to manage various functions remotely or onsite
  • Companies that have not finished cyber audits in the last 90 days are at risk 

The IoT and OT Security CISO peer survey 2022 report conducted by Sectrio is a must-read for all. Click here and download your copy of the report now: The CISO Peer Survey Report 2022

We are giving away threat intelligence for free for the next 2 weeks. Find out how you can sign up and try out our threat intelligence feeds

Defence in depth without contextual threat intelligence is an unlit alley 1
Threat Modeling Using the Purdue Model for ICS Security – Sectrio

Find out what is lurking in your network. Go for a comprehensive 3-layer threat assessment now

Comprehensive asset discovery with vulnerability and threat assessment 1200 × 630px
Comprehensive Asset Discovery with Vulnerability and Threat Assessment See our IoT and OT Security solution in action through a free demo
Avatar of sectrio
Sectrio is a technology market leader in the Internet of Things (IoT), Operational Technology (OT), Information Technology (IT) and 5G Security products for securing the most critical assets, data, networks, supply chains and device architectures for diverse deployments across geographies. Sectrio solutions minimize the attack surface and eliminate all risks from hackers, malware, cyber espionage, and other threats by securing the entire digital footprint covering services, applications, and surfaces through a single platform powered by real-time threat intelligence sourced from Sectrio’s largest honeypot network active in 75+ cities around the world.

Subscribe to Newsletter

[mc4wp_form id="22046"]

Related Posts

Protect your IoT, OT and converged assets with Sectrio