Forum Discussion

AshleyMartin's avatar
AshleyMartin
Icon for Microsoft rankMicrosoft
Oct 24, 2022

New Blog Post | Securing IoT devices against attacks that target critical infrastructure

Securing IoT devices against attacks that target critical infrastructure - Microsoft Security Blog

 

South Staffordshire PLC, a company that supplies water to over one million customers in the United Kingdom, notified its customers in August of being a target of a criminal cyberattack. This incident highlights the sophisticated threats that critical industries face today.  According to South Staffordshire, the breach did not appear to have caused damage to the systems and it did not impact their ability to supply safe water to their customers.

 

The attack brings to light the risk of threat actors gaining access to industrial control system (ICS) environments. According to reports, a group associated with the Cl0p ransomware claimed responsibility for the attack, which followed a familiar extortion model wherein attackers extort the target for exfiltrated data without encrypting the organization’s files. After the attack, confidential documents, along with screenshots of the supervisory control and data acquisition (SCADA) system used by water treatment plants were leaked.

 

As details of the attack and the vector used to access South Staffordshire PLC’s networks are limited, the Microsoft Defender for IoT research team did further research on techniques used by threat actors in similar attacks. Microsoft researchers have previously observed activity relating to internet-exposed IoT devices across different industries, which may be used as a potential foothold into OT networks. Threat actors gain access by deploying malware on information technology (IT) devices and then crossing the boundary to the operational technology (OT) part of the network to target high-value operational assets, or by compromising unmanaged, usually less secure IoT and OT devices.

 

No RepliesBe the first to reply

Resources