Connect with us

Hi, what are you looking for?

SOFTWARE

Microsoft releases third edition of Cyber Signals

OT is a combination of hardware and software across programmable systems or devices that interact with the physical environment (or manage devices that interact with the physical environment).

Microsoft has released its third edition of Cyber Signals, a regular cyberthreat intelligence brief spotlighting security trends and insights gathered from Microsoft’s 43 trillion daily security signals and 8,500 security experts. This edition highlights new insights on the wider risks that converging IT, Internet-of-Things (IoT), and Operational Technology (OT) systems pose to critical infrastructure, and how enterprises can defend against these attacks.

OT is a combination of hardware and software across programmable systems or devices that interact with the physical environment (or manage devices that interact with the physical environment). Examples of OT can include building management systems, fire control systems, and physical access control mechanisms, like doors and elevators.

With increasing connectivity across converging IT, OT, and IoT, organizations and individuals need to rethink cyber risk impact and consequences. Similar to how the loss of a laptop or modern vehicle containing a homeowner’s cached Wi-Fi credentials could grant a property thief unauthorized network access, compromising a manufacturing facility’s remotely connected equipment or a smart building’s security cameras introduces new vectors for threats like malware or industrial espionage.

Vasu Jakkal, Corporate Vice President for Security, Compliance, Identity, and Management at Microsoft, said: “As OT systems underpinning energy, transportation, and other infrastructures become increasingly connected to IT systems, the risk of disruption and damage grows as boundaries blur between these formerly separated worlds. For businesses and infrastructure operators across industries, the defensive imperatives are gaining total visibility over connected systems and weighing evolving risks and dependencies.”

Advertisement. Scroll to continue reading.

Key insights shared in this edition of Cyber Signals include:

  • Microsoft identified unpatched, high-severity vulnerabilities in 75% of the most common industrial controllers in customer OT networks. This illustrates how challenging it is for even well‑resourced organizations to patch control systems in demanding environments sensitive to downtime.[1]
  • There has been a 78% increase in disclosures of high-severity vulnerabilities from 2020 to 2022 in industrial control equipment produced by popular vendors.1
  • Over 1 million connected devices are publicly visible on the Internet running Boa, an outdated and unsupported software still widely used in IoT devices and software development kits.1

For businesses and individuals, securing IoT solutions with a Zero Trust security model starts with non-IoT specific requirements. This can be achieved by specifically ensuring they have implemented the basics to securing identities and their devices and limiting their access. These requirements include explicitly verifying users, having visibility into the devices on the network, and real-time risk detections.

To learn more about IT, OT, and IoT threats, read the third edition of Cyber Signals today. To learn more about Microsoft Security solutions and keep up with expert coverage on security matters, visit the Microsoft Security website and Microsoft Security blog.


[1] Methodology: For snapshot data, Microsoft platforms including Microsoft Defender for IoT, Microsoft Threat Intelligence Center and Microsoft Defender Threat Intelligence provided anonymized data on device vulnerabilities, such as configuration states and versions, and data on threat activity on components and devices. In addition, researchers used data from public sources, such as the National Vulnerability Database (NVD) and Cybersecurity & Infrastructure Security Agency (CISA). The cover stat is based on Microsoft engagements in 2022. Control systems in critical environments include electronic or mechanical devices which utilize control loops for improved production, efficiency, and safety.

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

Laptops

With exclusive access to the NVIDIA Studio platform of creative tools and tech, and Max-Q Technologies optimizing battery life, acoustics, and more, you’ve got...

HEADLINES

Built on the Fortinet operating system, FortiOS, and the latest, fifth-generation Fortinet security processing unit (SP5), the FortiGate 200G series delivers increased firewall throughput, FortiGuard AI-Powered Security Services, and 5GE...

HEADLINES

A collaboration between marketing agency Craft Shack Inc. and its technical services partner FOC Inc. / Artbi Global Philippine Corporation, YES! Free WiFi aims...

HEADLINES

Signed in early May, the agreement underscores the shared vision of both organizations to drive greater financial inclusion by empowering micro, small, and medium...

HEADLINES

The Garmin Run in Manila will be held at Filinvest City, Alabang on November 17, 2024. The race features categories of 5km, 10km, and...

HEADLINES

The survey found that generative AI is perceived as the key to unlocking competitiveness. 57% of BFM CEOs surveyed stated that gaining a competitive...

HEADLINES

Oracle Interconnect for Google Cloud will be initially available for customer onboarding in 11 global regions, allowing customers to deploy general purpose workloads with...

HEADLINES

Meranaw entrepreneur Aslia Ilian Dimaocom leads the Pindoguan Farm Producers Cooperative (PFPC) in Lanao del Sur. The small cooperative produces rice and Maranao delicacies...

Advertisement