
Hackers are intensifying attacks on OT devices exposed to Internet access


Hackers are targeting operational technology (OT) devices used in water and wastewater systems (WWS) across the United States. According to Microsoft, the attackers mainly go after devices that are reachable from the Internet. The number of attacks has increased in recent months, so there is a real need to improve the security of critical OT devices.

Why do cybercriminals attack OT devices?

Various industries use OT devices such as programmable logic controllers (PLCs) and human-machine interfaces (HMIs). PLCs control industrial systems and processes, while HMIs are functions or components that allow workers to interact with machines. If an attack on these devices succeeds, cybercriminals can gain access to critical systems and cause serious breakdowns and malfunctions.

Unfortunately, most OT devices run outdated software, are poorly configured and use weak passwords. Moreover, they do not follow security guidelines and are connected directly to the Internet, which allows hackers to detect and target them with Internet scanning tools. Most of the operations concerned both public sector facilities and private companies, so the private sector must also ensure the security of its OT devices.

In 2023, a group of cybercriminals known as Storm-0784 or CyberAv3ngers attacked the Aliquippa Hydroelectric Power Plant in Pennsylvania. The attack caused the failure of a pressure water pump on the city’s water supply line. Additionally, many attacks have been carried out against Unitronics PLC-HMI OT systems in other parts of the world.

According to the Microsoft Digital Defense Report 2023, 78% of industrial network devices in customer networks monitored by Microsoft have vulnerabilities, with 46% running outdated firmware and 32% using outdated software. Some devices have weak passwords or none at all.

How can you protect your OT systems?

Microsoft offers several tools and recommendations to protect OT devices and improve security. For example, you can use Microsoft Defender for IoT to monitor your devices and detect threats. You can download Microsoft Defender Vulnerability Management to automate the vulnerability patching process.

Additionally, consider closing unnecessary Internet connections and ensuring your OT devices are not directly connected to the Internet. Close any open ports that are not needed and restrict access to the ones that remain. You can also implement zero trust practices by isolating parts of your network with firewalls.
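One way to check for the exposure described above, as an added example that is not from Microsoft or the original article: a Python audit of an exported firewall rule list that flags allow rules letting non-private source addresses reach common OT protocol ports. The rule schema, the sample rules and the port list are assumptions constructed for illustration, and rule ordering (a deny placed before an allow) is not modelled.

```python
import ipaddress

# Common OT protocol ports (assumed list; extend it for your own environment).
OT_PORTS = {102: "Siemens S7comm", 502: "Modbus/TCP", 20000: "DNP3",
            20256: "Unitronics PCOM", 44818: "EtherNet/IP"}

# RFC 1918 private ranges; any source outside them is treated as external.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of inbound rules (hypothetical export schema).
SAMPLE_RULES = [
    {"name": "hmi-remote", "action": "allow", "src": "0.0.0.0/0", "dst": "10.20.0.15", "port": "20256"},
    {"name": "eng-ws-modbus", "action": "allow", "src": "10.20.1.0/24", "dst": "10.20.0.0/24", "port": "502"},
    {"name": "vendor-support", "action": "allow", "src": "203.0.113.0/24", "dst": "10.20.0.30", "port": "1-1024"},
    {"name": "block-dnp3", "action": "deny", "src": "0.0.0.0/0", "dst": "10.20.0.0/24", "port": "20000"},
    {"name": "web-dmz", "action": "allow", "src": "0.0.0.0/0", "dst": "10.30.0.5", "port": "443"},
]

def port_range(spec):
    """Parse '502' or '1-1024' into an inclusive (low, high) tuple."""
    lo, _, hi = spec.partition("-")
    return int(lo), int(hi or lo)

def source_is_external(cidr):
    """True when the source network is not fully inside a private range."""
    net = ipaddress.ip_network(cidr, strict=False)
    return not any(net.subnet_of(internal) for internal in INTERNAL)

def audit(rules):
    """Return (rule name, source, exposed OT ports) for each risky allow rule."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow" or not source_is_external(rule["src"]):
            continue
        lo, hi = port_range(rule["port"])
        exposed = sorted(p for p in OT_PORTS if lo <= p <= hi)
        if exposed:
            labels = [f"{p} ({OT_PORTS[p]})" for p in exposed]
            findings.append((rule["name"], rule["src"], labels))
    return findings

if __name__ == "__main__":
    for name, src, ports in audit(SAMPLE_RULES):
        print(f"[EXPOSED] rule={name} source={src} ports={', '.join(ports)}")
```

The wide `1-1024` range in the constructed `vendor-support` rule is flagged because it silently includes ports 102 and 502, which is the kind of unnecessary open port the recommendation above asks you to close.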

Ultimately, if your OT devices do not follow the best security guidelines, you should start reviewing them. Also consider educating your team about the risks of connecting these devices directly to the Internet. Remember that cybercriminals attack poorly secured devices with outdated software.



Sebastian is a content writer who wants to learn everything new about artificial intelligence and gaming. Hence, he spends time writing prompts on various LLM courses to understand them better. Additionally, Sebastian has experience troubleshooting video game performance issues and is familiar with Windows. He is also interested in everything related to quantum technology, and when he wants to learn more, he becomes a research geek.