The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus disease 2019 (COVID-19). Slightly smaller percentages of respondents expressed concern about an increase in ransomware, phishing and social engineering attacks and about secure configurations of remote systems, at 45% and 41%, respectively.

Security challenges associated with COVID-19 aren’t the only ones with which organizations must contend going forward. Via its managed security services, incident response services, penetration testing engagements and vulnerability management services, IBM Security observed that numerous digital threats gained prominence over the course of 2019. Three threats in particular stood out to IBM in its 2020 X-Force Threat Intelligence Report: those targeting operational technology (OT), ransomware and phishing.

The OT Threat Landscape

In the data it had collected since 2018, IBM X-Force found that digital attacks targeting industrial control systems (ICSes) and operational technology increased by over 2000%. Many of those attacks combined the exploitation of known vulnerabilities in supervisory control and data acquisition (SCADA) and ICS hardware components with password spraying attacks that leveraged brute-force login techniques.

IBM’s 2020 X-Force Threat Intelligence Report, page 5

IBM noted that these tactics highlight the digital security challenges confronting organizations in their attempts to secure their OT environments:

X-Force IRIS security assessments delivered to our customers through 2019 highlighted the vulnerability of OT systems, which often use legacy software and hardware. Keeping production systems that can no longer be patched and are riddled with older vulnerabilities that have long become public means that even if OT systems are not internet facing, unpatched OT systems might be easy ...