SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
A new report shows RaaS dominates, but defences are gaining the upper hand
Thu, 3rd Feb 2022
FYI, this story is more than a year old

While vulnerability disclosures increased 21% in the second half of 2021 and increasingly sophisticated criminal attacks made regular news, organisations fight back with targeted remediation efforts.

As ransomware and Ransomware as a Service (RaaS) attacks continued to dominate cybercriminal activity in the second half of 2021, there was a slight up tick in state-sponsored actions as global tensions rise, finds a new OT/IoT security trends report from Nozomi Networks Labs.

The 2021 2H report is designed to help security teams and researchers protect their ICS and OT/IoT environments. It focuses on three main areas: trends in attacks, vulnerability research, and best practices in remediation efforts and technology.

Critical infrastructure such as healthcare, transportation and food production are seen increasingly as highly vulnerable and lucrative targets, based on their ability to disrupt society. More than 651 vulnerabilities were reported from July through December - a 21% increase over the previous six months. Nozomi Networks' report shows supply chain vulnerabilities continue to offer the greatest opportunity to quickly spread damage across a wide range of products, service providers or end-users.

There are early signs that defenders are maturing their strategies for security and resilience for the first time since Nozomi Networks began publishing the bi-annual report, and may be starting to gain the upper hand. International law enforcement agencies combined efforts to take down ransomware gangs, seize bitcoin bounties and make criminal arrests in the second half of the year.

And, despite predictions that the Apache Log4j vulnerability would be the most widely exploited security breach ever, the attacks have not seen the catastrophic loss predicted.

"Security organisations and law enforcement are punching back. We're seeing some good signs that more security professionals are modernising their defences to address both prevention and resiliency and that a post-breach mindset is paying off," says Nozomi Networks co-founder and CTO, Moreno Carullo.

"Threats may be on the rise, but technologies and practices to defeat them are available now as we have greater insights into the nature of the vulnerabilities and attacks. We encourage more organisations to strengthen their security and situational awareness, so they too are prepared in the face of an attack."

The Nozomi Networks OT/IoT Security Report provides security professionals with the latest insights needed to re-evaluate risk models and security initiatives, along with actionable recommendations for securing critical infrastructure.

The latest report includes an overview of the threat landscape, such as notable ransomware updates, an assessment of supply chain attacks in the second half of 2021, and the state of Access Brokers Markets. The latest statics on ICS-CERT vulnerabilities - with a deeper dive into exploitation trends. And remediation strategies to help ensure organisations stay ahead of emerging threats.