news
Nozomi Networks
finds execs believe
employees are
greatest threat to
critical infrastructure
security
new survey sponsored in part
by Nozomi Networks has found
A
that as critical infrastructure
organisations converge
their IT, OT, IoT and physical systems
to improve overall performance,
employees are the biggest threat to
cyber and physical security. The report,
Weathering the Perfect Storm: Securing
the Cyber-Physical Systems of Critical
Infrastructure, queried over 400 C-level
executives from critical infrastructure
organisations across North America,
Europe and Asia/Pacific and found:
• 52% say employees are the biggest
threat to operational security
• Cyber incursion into IT data systems
accounted for 53% of attacks in the
last 12 months
• 85% of security incursions made their
way into Operational Techonology
(OT) networks – of those, 36% started
in IT/data systems and 32% involved
physical incursion into OT
• More than half (64%) say it took a
cyber or physical security breach
to motivate them to move towards
a more holistic approach to cyberphysical
security
• A quarter believe their existing
security is adequate
“The perfect storm of increasing
cyberthreats, Digital Transformation and
IT/OT convergence means organisations
must move swiftly to gain visibility and
enhance cybersecurity into their OT and
IoT networks,” said Nozomi Networks
CMO, Kim Legelis. “It’s a board
issue and an employee issue. We are
encouraged that organisations recognise
both the threats and the opportunities of
modernising critical infrastructure. We
know from working with thousands of
industrial installations, that it’s possible
to monitor and mitigate these risks,
whether they stem from cybercriminals,
nation-states or employees.”
RISE IN CYBERATTACKS IN ITALY
PROVE COVID-19 IS IMPACTING
CYBERSECURITY
ynet has announced that an
C
analysis of the company’s
aggregate customer data
in Italy is connecting the spread of
the Coronavirus (COVID-19) to a
growing volume of cyberattacks in
the region. The findings reveal that
companies with higher instances of
the virus and that have quarantined
or instructed employees to work
from home, are now experiencing a
sharp rise in both phishing attacks
that target remote user credentials
and include weaponised email
attacks. This shows the propensity
for hackers to shift their focus
to remote work environments in
order to capitalise on the virus
while thwarting corporate security
measures. This data also illustrates
the future cyber implications for any
territory in which the Coronavirus
would spread to the level that
justifies a similar quarantine policy.
This analysis, conducted by Cynet,
focuses on multiple organisations
in Italy and shows a distinct spike
in remote worker phishing attacks,
compared to countries with fewer
attacks. This indicates that remote
workers have become a weak link
that threat actors are targeting and
that user credentials in offsite computing
(home) environments are increasingly
at risk – especially in regions with
escalating cases of COVID-19. This
spike is coupled by a similar increase
in anomalous remote login attempts
flagged by Cynet as malicious.
Crossing the two trends indicates a
clear inclination by criminal hackers to
leverage the situation and maliciously
log in to organisational resources.
Another trend that Cynet has identified
is the sharp rise in weaponised email
attacks. As personal computers lack
enterprise-grade email security and
advanced endpoint protection, they
are significantly less secure and more
vulnerable to malware, exploits, macros
and other malicious executables.
According to Cynet’s findings, 21%
of personal computer email systems
featured simplistic attacks with a link
to download a malicious executable
embedded in the email body. The rest
of attacks were more advanced and
included malicious macros (32%) and
exploits or redirection to malicious
websites (35%) – a challenge that
surpasses the capabilities of most
home devices antivirus and email
protection solutions.
12 Issue 24 | www.intelligentciso.com