Nation-state attackers are intensifying their focus on IoT sensors, particularly those connected to critical infrastructure and manufacturing. The frequency of attacks has increased, with these attackers targeting organizations in the United States and Europe. Many infrastructure and manufacturing organizations lack visibility into their IoT sensors and endpoints, making them vulnerable to exploitation.
During Q2 2023, the manufacturing sector was the primary target of 70% of all ransomware attacks, followed by industrial control systems (ICS) equipment and engineering at 16%. Attackers are taking advantage of the gaps between operational technology (OT) and IT systems, as well as unprotected ICS. According to a recent report, 75% of OT organizations experienced at least one breach intrusion in the past year.
Nation-state attackers and criminal groups are now recruiting AI and machine learning (ML) experts to develop generative AI attack tools. By leveraging AI and ML, these threat actors are orchestrating more sophisticated and targeted attacks, often possessing a deep understanding of their targets’ networks.
CISOs in the manufacturing sector have reported an increase in nation-state attack attempts, which are characterized by advanced social engineering tactics and the use of deepfake technology. These attacks reflect a new generation of technologies that can adapt faster than organizations can respond.
Concerns are rising among CISOs that defensive AI measures are lagging behind offensive AI capabilities, with 70% of CISOs believing that advancements in AI give cyber attackers an advantage. To address this imbalance, more organizations are adopting AI-based cybersecurity tools and applications.
The manufacturing industry remains a frequent target for cyberattacks, with manufacturing systems being the most attacked in 61% of breach attempts and 23% of ransomware attacks. Ransomware and hacktivism pose significant threats to manufacturing OT systems, with 81% of malware capable of disrupting industrial control systems.
Nation-state attackers are particularly focused on exploiting vulnerabilities in IoT, industrial IoT (IIoT), and programmable logic controllers (PLC). These attacks often aim to penetrate deep into networks and cause widespread disruption. Critical infrastructure sectors such as energy, water, oil, healthcare, and manufacturing are attractive targets due to the potential for significant disruption and financial losses.
To address these cybersecurity challenges, companies like Honeywell Connected Enterprise (HCE) are leveraging AI and ML to identify and mitigate potential breaches and intrusions. HCE’s Cyber Watch and Cyber Insights utilize AI and ML to monitor IoT, OT, ICS, and their vulnerabilities in real-time. This provides customers with better visibility into potential threats and enables earlier detection of ransomware indicators.
Other cybersecurity providers, such as CrowdStrike and Ivanti, are also developing solutions to address IoT vulnerabilities. These providers emphasize the importance of comprehensive visibility, analysis, and continuous improvement of discovery technologies to eliminate blind spots and proactively address vulnerabilities.
The weaponization of AI is a growing concern in the cybersecurity landscape. Several cybersecurity companies are investing in AI technologies and solutions, recognizing the need to stay ahead of threat actors who are leveraging AI for malicious purposes.
In conclusion, nation-state attackers are increasingly targeting IoT sensors connected to critical infrastructure and manufacturing. The frequency and sophistication of attacks have risen, posing significant risks to organizations. With the weaponization of AI, cyber attackers have gained an edge over defensive measures, emphasizing the need for organizations to adopt AI-based cybersecurity solutions. The manufacturing sector, in particular, faces an ongoing cyberattack epidemic, highlighting the urgency for improved cybersecurity measures to mitigate risks and protect critical systems.
