New Report from Nozomi Networks Labs Finds IoT Botnets and Shifting Ransomware are Raising the Stakes for Enterprises Worldwide

SYDNEY, Australia, July 22, 2020 — A new report from Nozomi Networks Labs finds cyber threats against OT and IoT infrastructure continued to grow in number and impact in the first half of 2020. OT-reliant organisations are increasingly embracing IoT devices, and COVID-19 has forced a global shift to remote work. Unfortunately, threat actors appear to be capitalising on these trends. In the first six months of this year, they used IoT botnets and shifting ransomware tactics as their weapons of choice for targeting OT and IoT networks.

Nozomi Networks’ “OT/IoT Security Report,” gives IT security professionals an overview of the most active OT and IoT threats seen by Nozomi Networks Labs in the first half of this year. The report found: 

• New and modified IoT botnets are among the fastest growing categories of attacks, as threat actors take advantage of the increased use of IoT devices in operational networks.  
• Ransomware attackers are demanding higher ransoms, aimed at larger and more critical organisations. Additionally, ransomware gangs are often using a two-pronged approach that combines data encryption with data theft, making it difficult for the victim to avoid paying up.
• SNAKE/EKANS ransomware continued to strike, exhibiting OT-awareness and suggesting that non-state threat actors could target industrial control systems.
• The COVID-19 global pandemic provided threat actors with more vectors and opportunities for exploitation. Coronavirus has also opened the door to unscrupulous attacks targeting researchers and healthcare organisations on the front lines. 
• Improper input validation and buffer overflows topped the ICS-Cert vulnerabilities reported in the first half of 2020. The number of vulnerabilities tracked by ICS-Cert is growing significantly compared to 2019.

“The steep rise in threats targeting operational networks should be a serious concern for security professionals responsible for keeping not only IT, but OT and IoT networks safe,” said Andrea Carcano, Nozomi Networks Co-founder and CPO. “The days when threats to operational networks were few and far between and often attributed to nation-state actors are clearly behind us. As IT, OT and IoT worlds converge, threat actors of all types are setting their sights on higher value targets, leaving security organisations scrambling to keep up. It’s a daunting task, but not impossible. We know from working with thousands of industrial installations that you can monitor and mitigate these risks, whether they stem from cybercriminals, nation-states or employees.” 

Nozomi Networks’ “OT/IoT Security Report” summarises the most active OT and IoT threats and vulnerabilities seen by Nozomi Networks Labs in the first six months of this year. The report shares insights into threat tactics and techniques and provides recommendations for protecting critical networks. 

###

Related Resources:

Read: OT/IoT Security Report: Rising IoT Botnets and Shifting Ransomware Escalate Enterprise Risk

Read the Blog Post: What IT Needs to Know about OT/IoT Security Threats in 2020

Sign up for the August 6th OT/IoT Security Report Webinar

About Nozomi Networks
Nozomi Networks is the leader in OT and IoT security and visibility. We accelerate digital transformation by unifying cybersecurity visibility for the largest critical infrastructure, energy, manufacturing, mining, transportation, building automation and other OT sites around the world. Our innovation and research make it possible to tackle escalating cyber risks through exceptional network visibility, threat detection and operational insight. www.nozominetworks.com

Follow the Nozomi Networks Blog

Follow @nozominetworks on Twitter

Visit and follow the Nozomi Networks Corporate Page on LinkedIn