Microsoft: Growing Risk To Critical Infrastructure

385
Credit: Matthew Manuel/Unsplash

The third edition of Microsoft’s Cyber Signals report, which highlights security trends and insights gleaned from the company’s 43 trillion daily security signals and 8,500 security professionals, has just been released. The report offers fresh perspectives on broader dangers to critical infrastructure posed by combining IT, IoT, and OT systems, as reported by Irish Tech News.

OT systems

OT refers to programmable systems or devices that interact with the physical world and include a combination of hardware and software (or manage devices that interact with the physical environment). Building management systems, fire suppression systems, and physical access control devices like doors and elevators are a few examples of OT.

The risk of disruption and damage increases when borders between these historically distinct worlds converge as OT systems supporting transportation, energy, and other infrastructures become more interconnected with IT systems. In 75% of the most popular industrial controllers in customer OT networks, Microsoft has found unpatched, high-severity vulnerabilities, demonstrating how difficult it is for even well-resourced organisations to patch control systems in demanding situations sensitive to downtime.

Risks and dependencies

In addition, IDC research projects that by 2025, there will be more than 41 billion IoT devices in enterprise and consumer contexts, which means that appliances like cameras, smart speakers, locks, and commercial appliances could serve as entry points for hackers.

Vasu Jakkal, Microsoft’s Corporate Vice President, Security, Compliance, Identity, and Management, said: “For businesses and infrastructure operators across industries, the defensive imperatives are gaining total visibility over connected systems and weighing evolving risks and dependencies. Unlike the IT landscape of common operating systems, business applications, and platforms, OT and IoT landscapes are more fragmented, featuring proprietary protocols and devices that may not have cybersecurity standards. Other realities affecting things like patching and vulnerability management are also factors. While connected OT and IoT-enabled devices offer significant value to organisations looking to modernise workspaces, become more data-driven, and ease demands on staff through shifts like remote management and automation in critical infrastructure networks, if not properly secured, they increase the risk of unauthorised access to operational assets and networks.”

 

Did you subscribe to our newsletter?

It’s free! Click here to subscribe!

Source: Irish Tech News