Urgent Call To Protect OT Devices as Cyber Attacks Surge, Warns Microsoft
Microsoft’s latest report highlights the urgent need to secure internet-exposed operational technology (OT) devices amidst a surge in cyber attacks. Discover critical vulnerabilities and preventive measures to protect your systems.
- Microsoft has observed a rise in cyber attacks on vulnerable OT devices, mainly targeting critical infrastructure systems.
- Organizations need to enhance security measures promptly using Microsoft’s recommended strategies.
According to a new report from Microsoft, there is an urgent need for improved security measures in light of recent attacks on operational technology (OT) devices. Because OT devices frequently have insufficient security features and are crucial for key infrastructure and industrial operations, cybercriminals are increasingly focusing on them.
Microsoft has observed an increase in attacks on internet-exposed, poorly secured operational technology devices since late 2023. Nation-backed actors have recently started targeting US water and wastewater systems (WWS). These actors include the IRGC-affiliated “CyberAv3ngers” in November 2023 and pro-Russian hacktivists in early 2024. These frequent attacks highlight how urgently OT devices need to be secured to protect critical infrastructure.
Microsoft recommends several strategies to mitigate risks associated with internet-exposed OT devices:
- Use Microsoft Defender for IoT to monitor IoT and OT devices and integrate with SIEM/SOAR and XDR platforms.
- Perform vulnerability assessments using Microsoft Defender Management and Microsoft Defender for Endpoint.
- Eliminate unnecessary internet connections for IoT and OT systems. Ensure no direct OT system connection to the internet exists. Close open ports and services, restrict remote access, or implement a firewall/VPN.
- Apply zero-trust principles and network segmentation. Use firewalls to separate OT from IT and leverage Microsoft Defender External Attack Surface Management.
- To prevent common attack techniques, activate attack surface reduction rules in Microsoft Defender for Endpoint.
As cyber criminals continue to target vulnerable systems, enterprises must stay vigilant and proactive in mitigating security risks. Microsoft’s warning serves as a timely reminder of the importance of cybersecurity resilience and highlights the need for organizations to prioritize security measures against evolving cyber threats.