- Latest Volt Typhoon Attack Discovery Raises Concern for OT -Security Culture
- Artificial Intelligence Role in Attacks Colcies Continued with Cyber Security Leaders
- Vulnerable OT -Servers Leave SMBs and Businesses Open to Ransomware -Contracts and IP -Theft
Volt Typhoon, a threat group with links to China, had access to Massachusetts ‘Littleton Electric Light and Water Departments (LELWD)’ s Operational Technology (OT) network for ten months in 2023.
The penetration lasted from February to November 2023, but still moved security researchers in Dragos who discovered it quickly, when it was known; Identifying the group’s activities on the server and containing the threat without customer data compromised.
Data on OT networks, especially where critical national infrastructure (CNI) is concerned, are important to lock down. Infosecurity reported on Donovan Tindill, Denexus’ OT CyberSecurity Director, which explained that vulnerable small corporate servers of this kind allow theft of intellectual property, mapping the utility network structures and for data to be geared in ransomware attacks.
Staying on top of OT -Cyber Security
Experts have weighed in the consequences of the attack. Tim MacKey, Black Duck’s Software Supply Chain Risk Strategy Head, said that “One of the biggest challenges with cyber security in critical infrastructure is the long life of the devices. Something that was designed and tested for the best available practice when it was released can easily become vulnerable to attacks using more sophisticated attacks later in his life cycle. “
Nathaniel Jones, Darktrace’s VP for threat research, continued to add that the impact of AI tools in attacks on CNI was a “continued and growing concern” for those who defended OT networks.
Agnidipta Sarkar, Colortokens’ VP for CISO counseling, warned attacks were increasing, but was also treated in the wrong way by OT defenders and leaders. “Unfortunately,” they said, “Cyber OT leadership focuses on stopping attacks instead of stopping the spread of attacks.”
In the event that you missed it, Techradar Pro reported that the complexity of IT systems could increase security risks for businesses, and a recent adaptavist report revealed that 40% of IT managers are afraid of admitting errors due to a workplace culture of fear.
Via infosecurity
