The latest Nozomi Networks Labs OT & IoT Security Report finds network anomalies and attacks were the most prevalent threat to operational technology (OT) and Internet of Things (IoT) environments.
Vulnerabilities within critical manufacturing also surged 230%.
According to the report, network anomalies and attacks represented the most significant portion (38%) of threats during the second half of 2023.
‘Network scans’ topped the list of Network Anomalies and Attacks alerts, followed closely by ‘TCP flood’ attacks, which involve sending large amounts of traffic to systems with the aim of causing damage by bringing those systems down or making them inaccessible.
“These trends should serve as a warning that attackers are adopting more sophisticated methods to directly target critical infrastructure and could be indicative of rising global hostilities,” said Chris Grove, Director of Cybersecurity Strategy, Nozomi Networks.
The report reveals alerts on access control and authorisation threats jumped 123% over the previous reporting period. In this category, ‘multiple unsuccessful logins’ and ‘brute force attack’ alerts increased 71% and 14% respectively.
The report lists the leading critical threats seen in real-world environments over the last six months as:
1. Network Anomalies and Attacks – 38% of all alerts
2. Authentication and Password Issues – 19% of all alerts
3. Access Control and Authorisation Problems – 10% of all alerts
4. Operational Technology (OT) Specific Threats – 7% of all alerts
5. Suspicious or Unexpected Network Behaviour – 6% of all alerts