As malicious cyber threat campaigns continue around the world, businesses, industrial establishments, and governments should ramp up their efforts to implement zero-trust architecture across facilities. OT and IoT operators need to pay more attention to vulnerabilities, as hackers will be ramping up their attacks on OT and IoT deployments in the days to come.
As for the nature of the attacks, hackers are using a mix of brute-force and credential-stuffing tactics to penetrate networks. At least 3 attempts to reset server-level passwords and activate firmware-level trojans were also logged in separate cyberattacks on oil and gas and industrial facilities in the US and Europe.
In our previous update, Sectrio alerted and recommended that all maintain a code orange in the following weeks, especially oil and gas entities in Europe and the Middle Eastern region. A new wave of cyberattacks, including a sophisticated ransomware named BlackCat, swept two major oil and gas entities in Europe, impacting their operations. The breached data has surfaced on the dark web, and a deep analysis of the obtained data suggests that a large amount of information related to vulnerabilities found in OT, ICS, and legacy systems is being shared and consumed rigorously by hackers and malware developers. This means further attacks are to be expected, and we should stay vigilant in the days ahead.
In the Asia Pacific region, we recommend that everyone in the manufacturing, oil and gas, and maritime sectors be on high alert, as stealthy reconnaissance attacks were identified infiltrating and discovering new vulnerabilities in converged IoT, OT, and ICS environments.
The segments in the list below must be on high alert in the coming weeks:
- Oil and gas
- Utility entities
- Manufacturing plants and maritime agencies
- Government agencies
- Financial services