The new report from Forescout Research – Vedere Labs is scary. Critical infrastructure companies – those critical to a nation like Oil, Energy, Medical, Road/Rail/Airports, Shipping, Medical, communication, Waste management, etc – are under attack.
Forescout Research’s Vedere Labs recorded more than 420 million attacks between January and December 2023. These numbers are 30% higher than the numbers for 2022. The report titled “2023 Global Threat Roundup Report” had very interesting findings. This clearly means there were
The report reveals that the attacks originated from 212 countries & web applications were the most attacked service type followed by remote management protocols. Threat actors targeted 163 countries which means that there is practically no nation untouched from hacking attempts. Exploits against software libraries decreased considering a decrease in popularity of log4j.
Infostealers as well as RATs (Remote Access Trojans) turn out to be the most popular malware in most of the ICS /OT systems. The document also highlighted a list of countries experiencing the most attacks.
The research found that 5 OT protocols were constantly targetted:
- Modbus
- Ethernet/IP
- Step7
- DNP3
- IEC10X
The document says that Forescout adds specialized honeypots across the world that mimic real devices or are real devices, unlike other generic honeypots that capture every kind of attack.
Read more: 2023 Forescout Threat Roundup