
“High severity” vulnerabilities uncovered in three-quarters of operational technology systems

OT vulnerabilities could be putting national infrastructure at risk, Microsoft warned

Three-quarters of industrial control devices used in operational technology (OT) networks remain unpatched and laden with severe vulnerabilities, according to new research from Microsoft.

Statistics from the tech giant’s latest Cyber Signals bulletin showed that threats against operational technology systems and internet of things (IoT) products are rising steeply and posing significant risks for businesses globally.

“The pervasiveness, vulnerability, and cloud connectivity of IoT and OT devices represent a rapidly expanding, often unchecked risk surface affecting a wider array of industries and organisations,” said David Atch, head of IoT and OT security research at Microsoft Threat Intelligence.

“Rapidly increasing IoT creates an expanded entry point and attack surface for attackers. With OT becoming more cloud-connected and the IT-OT gap closing, access to less-secure OT is opening the door for damaging infrastructure attacks.”

By 2025, more than 41 billion IoT devices are expected to be deployed across enterprise and consumer environments, according to research from IDC.

Connected devices such as smart speakers, cameras, or commercial appliances are frequently targeted as entry points for threat actors.

As such, Microsoft said the increasing convergence of IoT and OT with traditional IT systems means organisations will be forced to “rethink cyber risk impact and consequences”.

OT systems underpin a range of critical industries, including energy, transportation and other key infrastructure assets, meaning that successful cyber attacks would have a potentially crippling economic impact for nations worldwide.

“While the prevalence of IoT and OT vulnerabilities presents a challenge for all organisations, critical infrastructure is at increased risk. Disabling critical services, not even necessarily destroying them, is a powerful lever,” Atch said.

Evolving threat landscape 

The use of OT systems in critical infrastructure means that state-sponsored threat actors are increasingly targeting organisations working in this space, Microsoft warned.

Since the onset of the war in Ukraine, Russian state-backed groups have placed a strong focus on targeting systems to cripple Ukrainian infrastructure and support military operations.

Similarly, risks for individual organisations and staff are escalating. Microsoft said it has observed Chinese-linked hackers targeting vulnerable home and office routers to gain a network foothold and launch wider attacks on IT infrastructure.

This trend is expected to continue, Microsoft said. Malicious software used to target OT systems is becoming “more prevalent” and easier to use, giving threat actors a wider range of options when mounting large-scale attacks.

“Ransomware attacks, previously perceived as an IT-focused attack vector, are today affecting OT environments as seen in the Colonial Pipeline attack,” Microsoft warned.

The Colonial Pipeline attack forced OT systems and pipeline operations to temporarily shut down, and caused significant financial losses for the organisation.

Research published by Mandiant this year highlighted the growing threat of ransomware for OT system operators, with one in seven extortion attacks leaking critical OT data.

The company identified 1,300 leaks released by ransomware groups involving companies which use OT systems. Data uncovered in the study included sensitive network and process documentation for two oil and gas companies.

Countering Threats 

Looking forward, Microsoft said that improving the visibility of connected systems will be a “defensive imperative” for businesses and infrastructure operators across a range of industries.

The tech giant advised that organisations should also improve collaboration with key industry stakeholders to map business-critical assets.

Earlier this year, the National Cyber Security Centre (NCSC) called on startups to apply to collaborate with the centre to counter key cyber security threats currently facing the UK.

Under the plans outlined in July, the NCSC said it will work with startups to develop and pilot technologies that can help organisations mitigate growing threats.

A key focus of the initiative centres around bolstering protection for OT in a range of sectors, including the energy, agriculture and food manufacturing industries.
