1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft has found a whole load of IoT and industrial cyber flaw

    From TechnologyDaily@1337:1/100 to All on Thu Dec 15 21:30:04 2022
    Microsoft has found a whole load of IoT and industrial cyber flaws

    Date:
    Thu, 15 Dec 2022 21:14:25 +0000

    Description:
    Microsoft research uncovers a wide range of industrial IoT vulnerabilities, a majority of which are available online.

    FULL STORY ======================================================================

    Microsoft has identified a huge number of IoT security issues, finding unpatched, high-severity vulnerabilities in 75% of the most common industrial controllers in customer operational technology (OT) networks.

    The tech giant's research also found that 72% of the software exploits utilized by what Microsoft terms Incontroller are now available online.

    "Incontroller" is what the Cybersecurity and Infrastructure Security Agency (CISA) describes as a "novel set of state-sponsored, industrial control
    system (ICS) oriented cyberattack tools". What is true scale of the issue?

    Microsoft cited recent IDC figures that estimate there will be 41.6 billion connected IoT devices by 2025, a growth rate much higher than that of traditional IT equipment.

    However, it claims that the development of IoT and OT device security has not kept pace with that of other IT systems, and threat actors are exploiting these devices.



    Microsoft pointed towards Russias cyberattacks against Ukraine, as well as other nation-state-sponsored cybercriminal activity, saying these demonstrate that "some nation-states view cyberattacks against critical infrastructure as desirable for achieving military and economic objectives".

    You certainly do not have to look far to see examples of these types of industrial IoT attacks wreaking havoc on all involved.

    In May 2021, the Colonial Pipeline ransomware attack disrupted the supply of natural gas in much of the Southern US , causing widespread price rises. READ MORE:

    Industrial cyberattacks are hitting nearly all IoT companies



    Millions of IoT devices and routers could have a mega security flaw



    Our guide to the best malware removal

    To mitigate these types of risks, Microsoft recommends customers work with stakeholders to map business-critical assets, in IT and OT environments, as well as work to identify what IoT and OT devices are critical assets by themselves, and which are associated with other critical assets.

    Microsoft also recommends that organizations perform a risk analysis on critical assets, focusing on the business impact of different attack scenarios. Interested in keeping your organization safe from cyber threats? Check out our guide to the best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/news/microsoft-has-found-a-whole-load-of-iot-and-ind ustrial-cyber-flaws


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)