Weekly threat monitor: January 31st, 2022

Sectrio's advisory on maintaining a high state of alert in cyberspace applies to this week as well, since we are not seeing any dip in the volume of cyberattacks across the globe. We are also recording a significant rise in reconnaissance cyberattacks on IoT deployments worldwide. Last week, our threat intelligence team isolated 40 sophisticated and targeted cyberattacks on businesses using IoT. These attacks were multi-modal in nature and targeted components across the connected chain, from devices to platforms.

This could also be part of an attempt by hackers to wear down SOC teams and induce detection fatigue to launch bigger attacks in the future. All our global honeypots logged a significant rise in cyberattacks last week. The continuing increase is a matter of concern.

There seems to be a concerted effort to breach IoT systems globally. Hackers also seem to be exploiting vulnerabilities announced last month. Overall, businesses in the manufacturing, pharmaceutical, oil and gas, and maritime segments are advised to maintain a high level of alert this week. This is based on the cyberattack patterns we saw last week as well as chatter intercepted by our threat intelligence team.

IoT and OT security teams need to be on their guard. Advisories issued by US CISA and NIST (on controls) need to be implemented immediately. We also recommend switching over to a Zero Trust mode using micro-segmentation across infrastructure as soon as possible.

Weekly advisory

Segments under this list must be on high alert in the coming weeks:
  • Water and water treatment
  • Utility entities
  • Oil and gas
  • Manufacturing
  • Healthcare
  • Government websites and agencies – especially lawmakers and government agencies connected with internal/homeland security
  • Manufacturing plants and maritime agencies
  • Financial services
