Industrial IoT Devices at Growing Risk, Warns Microsoft -- Redmond Channel Partner

Industrial IoT Devices at Growing Risk, Warns Microsoft

By Chris Paoli
June 03, 2024

Attention, industry channel partners: Microsoft has noticed an increase in security attacks targeting operational technology (OT) devices with Internet connectivity.

Many OT devices fall into the category of Industrial Internet-of-Things (IIoT). These types of devices are used in industrial settings to monitor and control machinery. They typically have a software component and are capable of connecting to the Internet in order to transmit data.

In a recent report, Microsoft warned that the number of attacks targeting these Internet-connected OT devices has been on the rise since late 2023. Threat actors target these systems to take control, which could lead to major outages or damaged hardware.

"Adding to the potential damage of attacks on OT systems are their often-lacking security measures, which make OT attacks not only attractive for attackers but also relatively easy to execute," said Microsoft. "Many OT devices, notwithstanding common security guidelines, are directly connected to the internet, making them discoverable by attackers through internet scanning tools. Once discovered by attackers, poor security configurations, such as weak sign-in passwords or outdated software with known vulnerabilities, could be further exploited to obtain access to the devices."

The Microsoft Digital Defense Report 2023 found that 78 percent of industrial network devices monitored by Microsoft Defender for IoT had known vulnerabilities. Among these, 46 percent used deprecated firmware and 32 percent ran on outdated systems with unpatched vulnerabilities.

Microsoft's analysis of these attacks revealed a common method: exploiting Internet-exposed, poorly secured OT devices. The ongoing Israel-Hamas conflict has only added fuel to the fire, with Israeli companies in particular seeing a spike in cyberattacks.

This was evident in the November 2023 attack on the Aliquippa water plant in Pennsylvania, which was manufactured in Israel. Attributed to the Islamic Revolutionary Guard Corps-affiliated (IRGC) "CyberAv3ngers" and tracked by Microsoft as Storm-0784, the attack led to the shutdown of a pressure regulation pump and defacement of the device's interface. In response, the U.S. Department of Treasury sanctioned officials from the IRGC.

Microsoft's report also found that OT-focused attacks have not been limited to public sector facilities, but also affect private enterprises. While the public sector has been implored to implement proper risk management and protection of OT systems, the diversity of target profiles illustrates that ensuring OT security in the private sector is equally crucial, said Microsoft.

To mitigate such threats, Microsoft recommends adopting comprehensive IoT and OT security solutions like Microsoft Defender for IoT, conducting vulnerability assessments, reducing unnecessary Internet connections to OT devices, and implementing Zero Trust practices with network segmentation. These measures aim to prevent attackers from exploiting vulnerabilities and compromising critical systems.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Free Webcast! Learn about Password Management Best Practices

Featured

Security and ROI Worries Blocking Orgs from Wider AI Adoption

Two recent reports from research firm Gartner indicate that businesses are as wary of generative AI as they are keen to use it.
Registration Opens for Microsoft's New Summer Partner Event

Microsoft's flagship partner conference, Inspire, may not be taking place as usual this year, but the company is launching a new event in its place.
2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.
Oracle Offers Its Cloud To Help Microsoft-OpenAI Partnership

To give generative AI leader OpenAI more room to innovate, Microsoft and Oracle have agreed to combine their respective cloud capacities.

RCP Update

Email Address*Country*

Please type the letters/numbers you see above.

Industrial IoT Devices at Growing Risk, Warns Microsoft

Featured

Security and ROI Worries Blocking Orgs from Wider AI Adoption

Registration Opens for Microsoft's New Summer Partner Event

2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Oracle Offers Its Cloud To Help Microsoft-OpenAI Partnership

The 2024 Microsoft Product Roadmap

2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Reconsiders Controversial Windows Recall Feature

Security and ROI Worries Blocking Orgs from Wider AI Adoption

Oracle Offers Its Cloud To Help Microsoft-OpenAI Partnership

The 2024 Microsoft Product Roadmap

2024 Microsoft Conference Calendar: For Partners, IT Pros and Developers

Microsoft Reconsiders Controversial Windows Recall Feature

Security and ROI Worries Blocking Orgs from Wider AI Adoption

Oracle Offers Its Cloud To Help Microsoft-OpenAI Partnership

Partner Guides

Partner's Guide to the Windows Server 2008 Deadline

Partner's Guide to Office 365 Security Costs

Partner's Guide to UCaaS

Partner's Guide to Starter Workloads in Azure

Partner's Guide to Microsoft's Fiscal Year 2019

FREE WEBCASTS FROM OUR SPONSORS

Coffee Talk | Microsoft Copilot for Microsoft 365 Best Practices for Maximum Data Protection

Coffee Talk | Expert Take: Copilot for Microsoft 365 Strategies for Partners

Coffee Talk | Managing Hybrid Work Customers: Top Strategies and Advice for Partners

Coffee Talk | Safeguarding the SMB: Top Security Strategies and Best Practices for Partners

FREE WHITE PAPERS FROM OUR SPONSORS

Key Questions to Consider Before Selling Your Microsoft Practice

Ransomware & You

Power up with Microsoft Productivity and Unified Security

Microsoft CSP Guide