Perhaps the most infamous ransomware incident in history occurred in May 2021, when malicious hackers held Colonial Pipeline hostage, causing fuel shortages and widespread panic. The high-profile incident underscored the vulnerability of U.S. critical infrastructure and operational technology (OT) to cyberattacks.
Today, OT, which we rely on for water, transportation, food, electricity and more, faces escalating threats. According to recent research from Fortinet, 82% of organizations saw intrusions affect their OT systems in the past 12 months, up from 73% in 2024 and 49% in 2023.
This week's featured articles explore the global financial stakes of OT security, vulnerabilities opening critical infrastructure to attack and new guidance from the federal government for securing OT assets.
OT cyber threats put more than $300B at risk annually
Catastrophic cybersecurity events involving OT have the potential to cost nearly $330 billion in a single year, according to a new report by security vendor Dragos and risk services firm Marsh McLennan, with business interruption accounting for $172 billion of those losses. The researchers said there is a 0.4% probability of such a scenario unfolding in 2026.
In contrast, the average annual global risk is $12.7 billion, while the 12-month aggregated risk is $31 billion.
According to Dragos researchers, many companies underestimate the risk that OT disruptions pose to business continuity. Consequently, they focus their cybersecurity budgets primarily on IT rather than OT.
The report recommends several strategies for reducing OT risk.
OT networks under active attack due to critical RCE flaw
Attackers are exploiting a critical remote code execution (RCE) vulnerability in the Erlang programming language's Open Telecom Platform (Erlang/OTP), which is widely used in OT networks and critical infrastructure. The flaw, tracked as CVE-2025-32433, sits in OTP's built-in SSH server: it allows unauthenticated users to execute commands by sending SSH connection protocol messages that should be processed only after authentication has completed.
Researchers from Palo Alto Networks' Unit 42 said they have observed more than 3,300 exploitation attempts since May 1, with about 70% targeting OT networks across the healthcare, agriculture, media and high-tech sectors.
Experts urged affected organizations to patch immediately, calling it a top priority for any security team defending an OT network. The flaw, which has a CVSS score of 10, could enable an attacker to gain full control over a system and disrupt connected systems, a particularly worrying prospect in critical infrastructure. Because OTP's SSH server is often embedded in products rather than installed as a standalone package, the practical check is to ask each vendor whether its product ships Erlang/OTP and which OTP release it is built on, and to restrict SSH access to the device in the meantime.
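To make the bug class concrete, the following is an added illustrative model in Python; it is not Erlang/OTP's code and does not reproduce the actual exploit. The SSH message numbers are the real values from RFC 4252 and RFC 4254; the server class, its password check and the "exec" side effect are hypothetical stand-ins. The unsafe configuration dispatches a channel-open and an exec request as soon as they arrive, so a client that never authenticates still gets a command run; the hardened configuration refuses any connection-protocol message until the session has reached the authenticated state.

```python
"""Model of pre-authentication message handling in an SSH server (added example).

An SSH server moves through transport -> userauth -> connection protocol.
Connection-protocol messages (CHANNEL_OPEN, CHANNEL_REQUEST) are only
meaningful after SSH_MSG_USERAUTH_SUCCESS. A server that dispatches on the
message type alone, without consulting the session's auth state, lets an
unauthenticated client open a channel and request 'exec'.
"""

# Message numbers from RFC 4252 (userauth) and RFC 4254 (connection protocol).
SSH_MSG_USERAUTH_REQUEST = 50
SSH_MSG_USERAUTH_SUCCESS = 52
SSH_MSG_CHANNEL_OPEN = 90
SSH_MSG_CHANNEL_REQUEST = 98

# Connection-protocol messages that must never be acted on before auth.
POST_AUTH_ONLY = {SSH_MSG_CHANNEL_OPEN, SSH_MSG_CHANNEL_REQUEST}


class SshServerModel:
    """Toy stand-in for the server-side SSH state machine (hypothetical)."""

    def __init__(self, password: str, gate_by_auth_state: bool):
        self._password = password          # hypothetical single credential
        self._gate = gate_by_auth_state    # False = vulnerable, True = hardened
        self.authenticated = False
        self.executed = []                 # commands an 'exec' request ran

    def handle(self, msg_type: int, payload: str) -> str:
        """Process one SSH message and return a short result tag."""
        if self._gate and not self.authenticated and msg_type in POST_AUTH_ONLY:
            # Hardened path: a connection-protocol message before
            # USERAUTH_SUCCESS is a protocol violation, so drop the session.
            return "disconnect"
        if msg_type == SSH_MSG_USERAUTH_REQUEST:
            if payload == self._password:
                self.authenticated = True
                return "userauth_success"
            return "userauth_failure"
        if msg_type == SSH_MSG_CHANNEL_OPEN:
            return "channel_open_confirmation"
        if msg_type == SSH_MSG_CHANNEL_REQUEST:
            # Vulnerable path reaches here with authenticated == False.
            self.executed.append(payload)
            return "exec"
        return "unimplemented"


def run_preauth_exec(gate_by_auth_state: bool) -> tuple:
    """Replay the attack pattern: channel open and exec with no auth at all."""
    srv = SshServerModel(password="s3cret", gate_by_auth_state=gate_by_auth_state)
    r_open = srv.handle(SSH_MSG_CHANNEL_OPEN, "session")
    r_exec = srv.handle(SSH_MSG_CHANNEL_REQUEST, "id")
    return r_open, r_exec, tuple(srv.executed)


def run_authenticated_exec(gate_by_auth_state: bool) -> tuple:
    """Legitimate client: authenticate first, then open a channel and exec."""
    srv = SshServerModel(password="s3cret", gate_by_auth_state=gate_by_auth_state)
    assert srv.handle(SSH_MSG_USERAUTH_REQUEST, "s3cret") == "userauth_success"
    srv.handle(SSH_MSG_CHANNEL_OPEN, "session")
    srv.handle(SSH_MSG_CHANNEL_REQUEST, "id")
    return tuple(srv.executed)


if __name__ == "__main__":
    print("vulnerable, no auth :", run_preauth_exec(gate_by_auth_state=False))
    print("hardened,   no auth :", run_preauth_exec(gate_by_auth_state=True))
    print("hardened, with auth :", run_authenticated_exec(gate_by_auth_state=True))
```

The point of the model is the single gate in `handle`: the fix is not a smarter exec handler but a state check that runs before any dispatch on message type. The same pattern applies when reviewing any protocol implementation that has a pre-authentication phase.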
Read the full story by Elizabeth Montalbano on Dark Reading.
Attackers use Citrix NetScaler flaws to penetrate critical infrastructure
Dutch authorities have reported successful cyberattacks against critical infrastructure organizations using vulnerabilities in Citrix NetScaler products. The attacks began in May, predating Citrix's June disclosure of two critical flaws. The sophisticated attackers reportedly hid their activities by erasing evidence of the intrusions, which means that a patched but previously exposed appliance should be treated as possibly compromised until its logs and configuration have been reviewed.
Thousands of vulnerable NetScaler instances remain exposed worldwide, including more than 1,300 in the U.S., according to the Shadowserver Foundation. The group said it has detected exploitation attempts for both vulnerabilities.
CISA has urged organizations to patch immediately. Security experts fear widespread attacks like those that exploited the Citrix Bleed vulnerability in 2023.
Industrial protocol's encryption flaws leave critical infrastructure exposed
A security researcher has uncovered significant vulnerabilities in Open Platform Communications Unified Architecture (OPC UA), a widely used industrial communication protocol that often replaces VPNs in OT environments.
Despite its complex cryptography, the protocol contains design flaws that could allow attackers to bypass authentication and exploit outdated encryption standards. Researcher Tom Tervoort, a security specialist at Netherlands-based security company Secura, identified issues affecting at least seven different products, resulting in the issuance of three CVEs.
The OPC Foundation has worked with vendors to implement fixes, which include software updates and configuration changes. Organizations using OPC UA are advised to check vendor documentation, apply patches and consider IP allowlisting to protect critical infrastructure from potential exploitation. Because some of the fixes are configuration changes rather than code updates, installing the vendor patch alone may not be enough; the deprecated security policies and the settings the vendor documentation calls out must also be disabled or changed on each server and client.
Global cybersecurity alliance offers OT asset inventory guidelines
U.S. agencies and international partners from Australia, Canada, Germany, the Netherlands and New Zealand have released new guidance on maintaining asset inventories in critical infrastructure organizations.
The document provides best practices for inventorying and managing OT assets, which, in turn, enables teams to secure them more effectively. Guidelines include the following:
- Prioritize security measures based on risk levels.
- Review asset maintenance plans and maintain spare-parts inventories to maximize operational reliability.
- Compare the cost of system upgrades with the cost of potential outages.
- Implement secure-by-design strategies.
- Use change management processes to keep inventories current.
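The three guidelines that lend themselves to tooling (risk-based prioritization, the upgrade-versus-outage comparison and keeping the inventory current through change management) are illustrated below in an added Python example. It is not from the guidance document or any vendor tool; the asset fields, the two inventories and the risk weighting are constructed assumptions. The script reconciles the inventory that change management believes is correct against what passive discovery actually observed on the network, reports unregistered, missing and drifted assets, and ranks the discovered assets by a simple consequence-times-exposure score.

```python
"""Reconcile an OT asset inventory against discovered hosts and rank what to
fix first (added example; sample data and field names are constructed)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Asset:
    asset_id: str
    ip: str
    role: str          # PLC, HMI, historian, engineering workstation ...
    zone: str          # network zone label, e.g. "L1-process", "L3-site"
    criticality: int   # 1 (nuisance if lost) .. 5 (safety or production critical)
    exposed: bool      # reachable from IT or the internet, not only from its zone
    firmware: str


# Constructed sample: the inventory maintained through change management.
RECORDED = [
    Asset("PLC-101", "10.10.1.11", "PLC", "L1-process", 5, False, "2.4.1"),
    Asset("HMI-01", "10.10.2.21", "HMI", "L2-control", 4, False, "7.0"),
    Asset("HIST-01", "10.10.3.31", "historian", "L3-site", 3, True, "12.2"),
    Asset("EWS-01", "10.10.2.22", "engineering workstation", "L2-control", 4, False, "win10-22H2"),
]

# Constructed sample: what passive network discovery actually observed.
DISCOVERED = [
    Asset("PLC-101", "10.10.1.11", "PLC", "L1-process", 5, False, "2.4.1"),
    Asset("HMI-01", "10.10.2.21", "HMI", "L2-control", 4, True, "7.0"),       # now exposed
    Asset("HIST-01", "10.10.3.31", "historian", "L3-site", 3, True, "12.3"),  # firmware drift
    Asset("?", "10.10.1.50", "unknown", "L1-process", 5, True, "?"),           # not in inventory
]


def reconcile(recorded, discovered):
    """Return (unregistered, missing, drifted) keyed by IP address.

    unregistered: seen on the network but absent from the inventory
    missing:      in the inventory but not seen (retired, or discovery blind spot)
    drifted:      present in both but with differing recorded vs observed fields
    """
    rec = {a.ip: a for a in recorded}
    seen = {a.ip: a for a in discovered}
    unregistered = sorted(ip for ip in seen if ip not in rec)
    missing = sorted(ip for ip in rec if ip not in seen)
    drifted = {}
    for ip in rec.keys() & seen.keys():
        changes = {f: (getattr(rec[ip], f), getattr(seen[ip], f))
                   for f in ("role", "zone", "exposed", "firmware")
                   if getattr(rec[ip], f) != getattr(seen[ip], f)}
        if changes:
            drifted[ip] = changes
    return unregistered, missing, drifted


def risk_score(asset):
    """Assumed weighting (not from the guidance): consequence times exposure,
    plus a penalty for assets whose role nobody has identified."""
    exposure = 3 if asset.exposed else 1
    unknown_penalty = 2 if asset.role == "unknown" else 0
    return asset.criticality * exposure + unknown_penalty


def prioritize(assets):
    """Highest risk first; ties broken by IP for a stable, reviewable order."""
    return sorted(assets, key=lambda a: (-risk_score(a), a.ip))


def upgrade_justified(upgrade_cost, annual_outage_probability, outage_cost):
    """Simplified upgrade-versus-outage comparison: spend on the upgrade when it
    costs less than the expected annual loss from the outage it prevents."""
    return upgrade_cost < annual_outage_probability * outage_cost


if __name__ == "__main__":
    unreg, miss, drift = reconcile(RECORDED, DISCOVERED)
    print("unregistered:", unreg)
    print("missing:     ", miss)
    print("drifted:     ", drift)
    for a in prioritize(DISCOVERED):
        print(f"{risk_score(a):>3}  {a.ip:<12} {a.role}")
```

Running the reconciliation on every change-management ticket closure, and on a schedule independent of tickets, is what keeps the inventory current: an unregistered host on a Level 1 process segment is exactly the finding the change process is supposed to prevent, and the drift report catches the HMI that was quietly made reachable from IT.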
Read the full story by Eric Geller on Cybersecurity Dive.
Editor's note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Alissa Irei is senior site editor of Informa TechTarget Security.