Nation-state attackers are becoming more “brazen” in their targeting of critical infrastructure and the IT supply chain, and they are getting better at rapidly exploiting unpatched vulnerabilities, according to Microsoft’s recently released Digital Defense Report 2022.
The report shed light on how advancements in automation, cloud infrastructures and remote access technologies have allowed nation-state actors linked to China, Russia, Iran and North Korea to reach a wider set of targets, increase their activity and launch more sophisticated cyberattacks over the past year.
“Cybersecurity hygiene became even more critical as actors rapidly exploited unpatched vulnerabilities, used both sophisticated and brute force techniques to steal credentials, and obfuscated their operations by using open source or legitimate software,” said Tom Burt, corporate vice president of customer security and trust at Microsoft, in the Friday report.
Nation-state groups’ targeting of critical infrastructure soared over the past year, with Microsoft detecting 40 percent of all nation-state attacks targeting critical infrastructure between July 2021 and June 2022, up from 20 percent between July 2020 and June 2021. In particular, threat actors focused on critical infrastructure companies across the IT, financial services, transportation and communications sectors, with companies in Israel, the UAE, Canada, Germany, India, Switzerland, and Japan among the most frequently targeted, according to Microsoft.
Researchers observed nation-state actors linked to Iran more aggressively targeting Israeli and U.S. critical infrastructure like port authorities. For instance, Iranian state actor Phosphorus targeted high-profile U.S. and Israeli critical infrastructure between late 2021 and mid-2022, according to Microsoft.
“The likely aim was to provide Tehran with options to retaliate against the same sectors that senior IRGC officials blamed the United States and Israel for disrupting in Iran,” according to Microsoft. “We assess this activity is tied to statements in late October 2021 by IRGC General Gholamreza Jalali, head of Iran’s Passive Defense Organization, who echoed accusations from other influential figures within the regime that the United States and Israel conducted cyberattacks on Iran’s ports, railways, and fueling stations.”
At the same time, governments around the world (even beyond the steps highlighted in the Biden administration’s 2021 executive order in the U.S.) are starting to develop policies to better secure the operational technology (OT) devices that make up the backbone of critical infrastructure systems. For example, jurisdictions like Australia, the EU, the UK, Japan, Singapore and Chile are stepping up their security requirements for critical infrastructure and mandating the reporting of cyber incidents.