Microsoft Warns of Rising Cyberattacks on Industrial IoT Devices

Microsoft reports that 78 percent of industrial networks monitored by Microsoft Defender for IoT possess identifiable vulnerabilities.


Research from Microsoft reveals a surge in attacks targeting operational technology (OT) devices connected to the internet. These IoT devices play a pivotal role in monitoring and managing machinery in industrial settings, transmitting crucial data through embedded systems.

Extensive Weaknesses in Industrial Systems

Microsoft's 2023 Digital Defense Report indicates that 78 percent of industrial networks monitored using Microsoft Defender for IoT have identifiable vulnerabilities. Of these, 46 percent are burdened by outdated firmware, and 32 percent contain unpatched vulnerabilities, making them susceptible to attacks.

Cybercriminals frequently exploit these flaws by focusing on poorly secured OT devices that are directly accessible from the internet, circumventing recommended security protocols.

Impact of Geopolitical Tensions on Cybersecurity

Microsoft says that the conflict between Israel and Hamas has exacerbated the situation, leading to a rise in cyberattacks on Israeli businesses. A prominent incident in November 2023 involved an attack on the Aliquippa water plant in Pennsylvania, which employed Israeli-made equipment. The group “CyberAv3ngers,” linked to the Islamic Revolutionary Guard Corps and tracked by Microsoft as Storm-0784, orchestrated the attack, disrupting a pressure regulation pump and altering the device's interface. This event triggered sanctions against IRGC officials by the U.S. Department of Treasury.

Microsoft's probe into the Aliquippa water plant attack identifies a typical target profile: OT systems with weak security that are exposed to the internet. 

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory in December 2023 highlighting these systems' weak sign-in configurations. A follow-up advisory in May 2024 underscored similar issues in the water sector.

Focus on Critical Infrastructure

Since the latter part of 2023, there has been an uptick in assaults on OT systems in critical sectors, notably water and wastewater facilities in the US, perpetrated by state-supported actors, including pro-Russian hacktivists in early 2024. Vulnerabilities in OT systems can be exploited to create malfunctions or full shutdowns, impacting programmable logic controllers (PLCs) and human-machine interfaces (HMIs).

Following the start of the Israel-Hamas conflict, attacks on OT systems linked to Israeli companies have intensified. Groups like “CyberAv3ngers,” “Soldiers of Solomon,” and “Abnaa Al-Saada” have conducted these cyberattacks, often bragging on Telegram. Their focus has been global, targeting equipment with messages such as “Every equipment ‘made in Israel’ is a CyberAv3ngers legal target.”

Security Recommendations

In response, Microsoft suggests deploying comprehensive security solutions like Microsoft Defender for IoT. Other recommendations include performing regular vulnerability assessments, minimizing unnecessary internet connectivity for OT devices, and adopting zero-trust methodologies with network segmentation to prevent attackers from exploiting vulnerabilities and compromising critical systems.

Markus Kasanmascheff