While vulnerability disclosures increased 21% in the second half of 2021 and increasingly sophisticated criminal attacks made regular news, organizations are fighting back with targeted remediation efforts
A new OT/IoT security trends report from Nozomi Networks Labs finds that while ransomware and Ransomware as a Service (RaaS) attacks continued to dominate cybercriminal activity in the second half of 2021, there was a slight uptick in state-sponsored actions as global tensions rise.
Critical infrastructure such as healthcare, transportation, and food production is increasingly seen as highly vulnerable and lucrative targets based on their ability to disrupt society. More than 651 vulnerabilities were reported from July through December—a 21-percent increase over the previous six months. Supply chain vulnerabilities continue to offer the greatest opportunity to quickly spread damage across a wide range of products, service providers, or end-users.
For the first time since Nozomi Networks began publishing the bi-annual report, there are early signs that defenders are maturing their strategies for security and resilience and maybe starting to gain an upper hand. In the second half of the year, international law enforcement agencies combined efforts to take down ransomware gangs, seize bitcoin bounties and make criminal arrests. And, in spite of predictions that the Apache Log4j vulnerability would be the most widely exploited security breach ever, the attacks have not seen the catastrophic loss that was predicted.
“Security organizations and law enforcement are punching back,” said Nozomi Networks Co-founder and CTO Moreno Carullo. “We are seeing some good signs that more security professionals are modernizing their defenses to address both prevention and resiliency and that a post-breach mindset is paying off. Threats may be on the rise, but technologies and practices to defeat them are available now as we have greater insights into the nature of the vulnerabilities and attacks. We encourage more organizations to strengthen their security and situational awareness so they too are prepared in the face of an attack.”
Nozomi Networks’ “OT/IoT Security Report” provides security professionals with the latest insights needed to re-evaluate risk models and security initiatives, along with actionable recommendations for securing critical infrastructure. This latest report includes:
- An overview of the threat landscape, such as:
- Notable ransomware updates
- An assessment of supply chain attacks in the second half of 2021 and
- The state of Access Brokers Markets
- The latest statics on ICS-CERT vulnerabilities – with a deeper dive into exploitation trends
- Remediation strategies to help ensure organizations stay ahead of emerging threats
Related Resources:
- Read: OT/IoT Security Report
- Read the Blog Post: New Report: Trends and Countermeasures for Critical Infrastructure Attacks
- Sign Up for the Webinar: OT/IoT Security Review 2021 2H: Lessons for Critical Infrastructure
