U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

OT attacks increased by over 2000 percent in 2019, IBM reports

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased […]

OT attacks

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware.

IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks.

According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 percent in 2019 compared to 2018, and most of them involved the Echobot malware.

The number of cyber attacks targeting OT infrastructures in 2019 was the greater even observed.

OT attacks hit an all-time high. Malicious activity targeting operational technology assets, most notably industrial control systems (ICS), increased 2000 percent year-over-year in 2019, marking the largest number of attempted attacks on ICS and OT infrastructure in three years.” reads the post published by IBM that introduces the report.

In the OT attacks observed by IBM researchers, hackers attempted to exploit a combination of known ICS/SCADA vulnerabilities, as well as password-spraying attacks.

Experts pointed out that ICS attacks that they have observed were part of two specific campaigns carried out by the Xenotime group and by IBM Hive0016 (APT33).

In June 2019, experts from Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack was targeting electric utilities in the US and APAC.

“The overlap between IT infrastructure and OT, such as Programmable Logic Controllers (PLCs) and ICS, continued to present a risk to organizations that relied on such hybrid infrastructures in 2019.” continues the report. “The convergence of IT/OT infrastructure allows IT breaches to target OT devices controlling physical assets, which can greatly increase the cost to recover. “

Experts explained that once attacker gained the first foothold on the target network, they used lateral movement to target ICS systems from inside using simple exploitation techniques.

Fortunately, IBM experts had not seen any Echobot attacks that caused disruptions or other serious problems for the affected systems.

Experts from IBM believe that the number of OT attacks will rapidly increase in the next months.

“X-Force expects that attacks against ICS targets will continue to increase
in 2020, as various threat actors plot and launch new campaigns against
industrial networks across the globe.” concludes IBM.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – OT, Echobot)

[adrotate banner=”5″]

[adrotate banner=”13″]