Sectrio

Latest Attacks on IoT & Critical Infrastructure, Exploits Trends Across the North American Market?

Audio Transcript

This question we get quite often is what’s going on in the world, what should we see start as far as some trends. Sectrio actually manages the world’s largest OT and IoT honeypot network this allows us to grade some unique insights of what’s going on out there in the industry, and we try to break it down really simplistic over the last year into five main trends that we’re starting to see and then later on this slide Preetham also talk about kind of the future trends that we’re seeing a little alarming of course

The first thing we have is hackers are aligning globally, so previously you had state-run hacking groups as known as APTs (Advanced Persistent Threat Groups), freelance hackers these established hacking groups they’re all in separate cells now they’re starting to collaborate amongst themselves to do centralized targets, so they’re geographically spread out, but they’re actually hitting targets on the dark web.

It’s open almost to the highest bidder to say hey this is our target who can get in who can find a weakness and there’s coordination between all these different groups almost like a cloud-based virtualized hacking consortium we’ve also seen that our teams keep a big pulse on the dark web, so we’ve seen actual recruitment ads and efforts for hackers increasing dramatically in the last 12 months more so than ever before we’ve also seen that some countries that weren’t on the radar previously for those APTS are starting to pop up on the radar typically China, North Korea what have you Russia you’ve seen some typical news entities and some the usual suspects that are out there, but we’re actually starting to see other countries pop on the radar too.

It’s just pointing again to that decentralized nature and coordination amongst global hacking entities, pretty scary stuff one of the second points that we’re seeing as far as trends were it was all about the money, 2020 was the most profitable year for hackers. 2021 seems to be on target to set a new record for that being that ransomware attacks are basically the cornerstone to monetize all efforts for hacking, on average it’s taken entities two million dollars to pay to get their data back for a breach and this is globally adding all that up in 2020 it’s about four billion dollars.

You’ve already actually started to see a lot of entities out there instead of cyber risk mitigation they’re rather just paying the insurance premiums which are costing them dramatically exponentially more amounts of money but yeah pretty scary stuff too third point we’re seeing is a shift in targets, so previously we saw a lot of shifts or a lot of targets being the IT side of the house going after the large IT tech firms, but those targets are starting to shift into manufacturing again critical infrastructure hospitals really targeting those Achilles of the networks being the OT and IoT networks so devices that are black standards they or devices that are now on the network that they originally weren’t intended to be on the network and so those have a lot of vulnerabilities and issues that hackers are exploiting to get into those networks and start to move laterally across even back into the IT side of the house if it’s interconnected. 

We’re seeing almost a 91% increase on manufacturing plants over the last year and 600 percent I think it was 605% increase on hospital attacks which is a double whammy considering COVID-19 and all the resources were spread pretty thin hackers were actually going after it thinking that hey limited resources we can try to find a weakness and make as much damage and exploitation as possible the fourth thing that we’re seeing is botnets.

Botnets are simply just malicious code being run on a computer or a device unbeknownst to the user for malicious intent we’re seeing at the highest record level ever, so it’s over a 500% increase from the year before the terrifying thing that we’re seeing is that botnets are now specifically targeting critical infrastructure, so they’re the coding and the setup for these botnets are now going after weaknesses or exploits or DDOS (Denial-of-service attacks) to go after that critical infrastructure as well as hospitals in manufacturing entities

The last trend that we’re seeing again is we keep a pulse on the dark web we’re seeing over a 600% increase in sensitive data appearing on the dark web the scary thing about this is it’s almost instantaneous by the time the hack is not even found out about but the time the data is stolen within minutes it’s appearing on the dark web open to the highest bidder, so this includes everything like attacks and supply chain manufacturing critical one frog governments data centers it’s just a honey pot of sensitive information as soon as that information is pulled it’s immediately available to the highest bidder in the dark web.

Scroll to Top