- The latest Typhoon Volt attack discovery raises concerns about OT security culture
- The role of artificial intelligence in attacks continues to worry about cybersecurity leaders
- Vulnerable OT servers leave SMEs and companies open to ransomware attacks and IP flight
Volt Typhoon, a group of threats with links with China, had access to the Operational Network (OT) of Massachusetts Littleton Electric Light and Water Department (Lelwd) in 2023.
The intrusion lasted from February to November 2023, but safety researchers from Dragos, who discovered it, quickly moved once known; Identify the group’s activities on the server and contain the threat without the customer data being compromised.
Data on OT networks, in particular with regard to critical national infrastructure (CNI), is important to lock. InfoSecurity reported on Donovan Tindill, Director of Cybersecurity at Denexus, explaining that servers of small businesses of this type allow the theft of intellectual property, the mapping of utility grid structures and the data to be taken from ransomware attacks.
Stay at the top of cybersecurity ot
Experts weighed on the implications of the attack. Tim MacKey, the Chief of Risk Strategy for the Black Duck software supply chain, said that “one of the biggest challenges in cybersecurity in critical infrastructure is the long lifespan of the devices. Something that has been designed and tested with best practices available when it was released can easily become vulnerable to attacks using more sophisticated attacks later in its life cycle. »»
Nathaniel Jones, vice-president of DarkTrace’s threats on threats, added that the impact of AI tools in attacks against CNI was a “continuous and growing concern” for those who defend OT networks.
Agnidipta Sarkar, vice-president of Ciso Advisory of Colortokens, warned that the attacks were increasing, but were also treated erroneously by defenders and leaders. “Unfortunately,” they said, “cyber-ot leadership focuses on stopping attacks instead of stopping the proliferation of attacks.”
In case you have missed it, Techradar Pro reported that the complexity of IT systems could increase the security risks for businesses, and a recent adaptavist report revealed that 40% of IT leaders are afraid of admitting errors due to a culture of fear of the workplace.
Via infoscurity
