Intelligent CISO Issue 24 | Page 12

news Nozomi Networks finds execs believe employees are greatest threat to critical infrastructure security new survey sponsored in part by Nozomi Networks has found A that as critical infrastructure organisations converge their IT, OT, IoT and physical systems to improve overall performance, employees are the biggest threat to cyber and physical security. The report, Weathering the Perfect Storm: Securing the Cyber-Physical Systems of Critical Infrastructure, queried over 400 C-level executives from critical infrastructure organisations across North America, Europe and Asia/Pacific and found: • 52% say employees are the biggest threat to operational security • Cyber incursion into IT data systems accounted for 53% of attacks in the last 12 months • 85% of security incursions made their way into Operational Techonology (OT) networks – of those, 36% started in IT/data systems and 32% involved physical incursion into OT • More than half (64%) say it took a cyber or physical security breach to motivate them to move towards a more holistic approach to cyberphysical security • A quarter believe their existing security is adequate “The perfect storm of increasing cyberthreats, Digital Transformation and IT/OT convergence means organisations must move swiftly to gain visibility and enhance cybersecurity into their OT and IoT networks,” said Nozomi Networks CMO, Kim Legelis. “It’s a board issue and an employee issue. We are encouraged that organisations recognise both the threats and the opportunities of modernising critical infrastructure. We know from working with thousands of industrial installations, that it’s possible to monitor and mitigate these risks, whether they stem from cybercriminals, nation-states or employees.” RISE IN CYBERATTACKS IN ITALY PROVE COVID-19 IS IMPACTING CYBERSECURITY ynet has announced that an C analysis of the company’s aggregate customer data in Italy is connecting the spread of the Coronavirus (COVID-19) to a growing volume of cyberattacks in the region. The findings reveal that companies with higher instances of the virus and that have quarantined or instructed employees to work from home, are now experiencing a sharp rise in both phishing attacks that target remote user credentials and include weaponised email attacks. This shows the propensity for hackers to shift their focus to remote work environments in order to capitalise on the virus while thwarting corporate security measures. This data also illustrates the future cyber implications for any territory in which the Coronavirus would spread to the level that justifies a similar quarantine policy. This analysis, conducted by Cynet, focuses on multiple organisations in Italy and shows a distinct spike in remote worker phishing attacks, compared to countries with fewer attacks. This indicates that remote workers have become a weak link that threat actors are targeting and that user credentials in offsite computing (home) environments are increasingly at risk – especially in regions with escalating cases of COVID-19. This spike is coupled by a similar increase in anomalous remote login attempts flagged by Cynet as malicious. Crossing the two trends indicates a clear inclination by criminal hackers to leverage the situation and maliciously log in to organisational resources. Another trend that Cynet has identified is the sharp rise in weaponised email attacks. As personal computers lack enterprise-grade email security and advanced endpoint protection, they are significantly less secure and more vulnerable to malware, exploits, macros and other malicious executables. According to Cynet’s findings, 21% of personal computer email systems featured simplistic attacks with a link to download a malicious executable embedded in the email body. The rest of attacks were more advanced and included malicious macros (32%) and exploits or redirection to malicious websites (35%) – a challenge that surpasses the capabilities of most home devices antivirus and email protection solutions. 12 Issue 24 | www.intelligentciso.com