Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
Hackers are increasing their attacks on internet-exposed OT devices
They are trying to gain access to critical systems
3 min. read
Published onJune 1, 2024
published onJune 1, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Hackers are targeting the operational technology (OT) devices used in water and wastewater systems (WWS) across the US. According toMicrosoft, they mostly conducted their malicious operations on internet-exposed devices. During the past months, the number of attacks has grown. Thus, there is a real need to improve the security systems of critical OT devices.
Why are cybercriminals attacking OT devices?
Various industries use OT devices, like Programmable Logic Controllers (PLCs) or Human Machine Interfaces (HMIs). The PLCs controlindustrial systemsand processes, while the HMIs are features or components that allow employees to interact with machines. Thus, if the cyber attacks are successful, the threat actors might gain access to critical systems. As a result, they could cause serious outages and malfunctions.
Unfortunately, most OT devices use outdated software, poor configurations, and weak passwords. On top of that, they don’t follow security guidelines and are connected directly to the internet. This negligence allows hackers to use internet scanning tools to discover and target them. Also, most operations affected both the public sector facilities and private companies. So, even the private sector needs to ensure the security of OT devices.
In 2023, a group of threat actors known as Storm-0784 or CyberAv3ngers targeted the Aliquippa water plant in Pennsylvania. Their attack managed to cause the outage of a pressure water pump on the municipal water supply line. Also, there were multiple operations on Unitronics PLC-HMI OT systems in other parts of the world.
According to theMicrosoft Digital Defense Report 2023, 78% of the industrial network devices on customer networks monitored by Microsoft have security vulnerabilities, of which 46% use deprecated firmware and 32% use outdated software. Some devices lack a password or have a weak one.
How can you protect your OT systems?
Microsoft has a few tools and recommendations to protect your OT devices and enhance security. For example, you can useMicrosoft Defender for IoTto monitor your device and detect threats. You can getMicrosoft Defender Vulnerability Managementto automate the process of patching vulnerabilities.
In addition, consider closing unnecessary internet connections and make sure that your OT devices are not directly connected to the internet. Also, close unnecessary open ports and limit access to them. On top of that, you can implement zero-trust practices by isolating parts of the network using firewalls.
Ultimately, if your OT devices are not following the best security guidelines, you should start checking them. Also, consider informing your team about the risks of connecting them directly to the internet. Remember, threat actors are targeting poorly secured devices with outdated software.
How are you defending your OT systems? Let us know in the comments.
More about the topics:Cybersecurity,microsoft
Sebastian Filipoiu
Sebastian is a content writer with a desire to learn everything new about AI and gaming. So, he spends his time writing prompts on various LLMs to understand them better. Additionally, Sebastian has experience fixing performance-related problems in video games and knows his way around Windows. Also, he is interested in anything related to quantum technology and becomes a research freak when he wants to learn more.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Sebastian Filipoiu
Sebastian is a content writer with a desire to learn everything new about AI and gaming.
