InfoSecBulletin Cybersecurity for mankind
Most critical infrastructure sectors have experienced an email security breach in the past year. A study by Osterman Research, commissioned by OPSWAT, found that 80% of organizations suffered an email-based security breach.
Even as criminal hackers target the sector, CI businesses appear to be failing to protect their systems. Osterman Research found that 75% of cyber-threats to critical infrastructure arrived by email.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
63.3% of organizations feel their email security needs improvement, and 48% are not confident in their current email defenses.
Researchers discovered that email is the main method for attacking the critical infrastructure sector, primarily through phishing and malicious links or attachments. However, more than half of organizations believed that emails posed no threat.
Osterman noted that the risks increase because key systems in critical infrastructure, particularly operational technology, are now more often connected to standard IT networks and the internet.
“IT networks and OT (operational technology) networks are increasingly linked. Significantly fewer OT networks are still air gapped, and the digital transformation activities of the past decade has resulted in OT networks being connected to the Internet,” the researchers wrote.
This enables a successful email attack to spread not only within the victim’s IT systems but also into OT networks.
Osterman Research found that the most common incidents were phishing attacks that compromised credentials, followed by issues with Microsoft 365 credentials.
Researchers found that many CI organizations are not compliant. Only 34.4% believed they were fully compliant, and just 28% of EMEA organizations felt they met GDPR requirements.
Research shows that critical infrastructure organizations anticipate an increase in threats. Two-thirds expect phishing attacks to rise next year, and 40% foresee more nation-state backed attacks.
“Email attacks have continued to rise over the past few years, particularly targeting critical infrastructure organizations. Not only are attacks more frequent, but they are evolving to bypass traditional security measures, making it clear that email remains the primary attack vector for cybercriminals,” Itay Glick, VP of products at OPSWAT, told Infosecurity.
“Email security often gets overlooked because many organizations operate under the assumption that basic protections, like spam filters or standard anti-malware, are sufficient,” Glick explained.
“It is often only after a successful breach that email security receives the attention it deserves, by which time the damage is already done.”
