| |
HB1PMS > TECH 13.02.20 11:32l 88 Lines 3735 Bytes #999 (0) @ WW
BID : 1775HB1PMS
Read: GAST
Subj: echnology Attacks Increased By Over 2000% In 2019
Path: DBO595<DBX320<FRB024<NL3TD<NL3PRC<GY1BBS<HB1BBS
Sent: 200212/2122Z 8069@HB1BBS.ZL.NLD.EU BPQ6.0.19
Van: HB1PMS@HB1BBS.ZL.NLD.EU
Operational Technology Attacks Increased By Over 2000% In 2019, Reveals IBM
Report
February 12, 2020 | Trends, Reports, Analysis
abstract,alphabet,background,binary,blue,blur,business,code,coding,communica
tion,computer,data,development,digital,display,energy,front-
end,future,graphic,htm,html,idea,identity,information,internet,java,language
,linux,macro,many,mobile,monitor,operating,printout,program,programming,prot
ection,red,screen,script,software,source,tablet,technology,text,trendy,virus
,web,webpage,working
The piece of malware that was most commonly used in these attacks was the
Mirai variant named Echobot.
Echobot made its first appearance last year and since then has incorporated
over two dozen different exploits.
Operation Technology (OT) attacks have reached an all-time high. A report
from IBM X-Force Threat Intelligence Index shows that attacks targets
operation technology infrastructure has increased by over 2000 percent in
2019 compared to the previous year. Interestingly, the piece of malware that
was most commonly used in these attacks was the Mirai variant named Echobot.
About Echobot’s exploits
Echobot made its first appearance last year and since then has incorporated
over two dozen different exploits including ones targeting enterprise and
ICS products.
The ICS-specific exploits included in Echobot are CVE-2019-14931 and CVE-
2018-7841.
While CVE-2019-14931, an unauthenticated OS command injection vulnerability,
affects Mitsubishi Electric ME-RTU devices, CVE-2018-7841 (a remote code
execution flaw) impacts Schneider Electric’s U.Motion Builder product.
Brand impersonation also on the rise
IBM also highlights that phishing was one of the most popular attack methods
used in 2019, and hackers primarily spoofed tech companies and social media
platforms to trap more victims. By spoofing a well-known brand, bad actors
could easily steal personal data from users with less effort.
The top 10 brands spoofed in spam campaigns in 2019 were:
Google (39%)
YouTube (17%)
Apple (15%)
Amazon (12%)
Spotify (5%)
Microsoft (3%)
Facebook (2%)
Instagram (15%)
WhatsApp (1%)
The most targeted areas
North America and Asia suffered the largest data losses, with 5 billion and
2 billion records compromised, respectively.
New and old security threats to track in 2020
The X-Force researchers predict that the risk surface will keep getting
bigger with more than 150,000 current vulnerabilities and new ones surfacing
all the time. In addition to this, ransomware and cryptominers will also
continue to evolve over the years. Bad actors will be looking for new
targets, including IoT devices, operational technology and connected
industrial and medical systems. The risks posed by ongoing spam will require
blacklisting, vulnerability patching, and threat monitoring.
73 Henk.
======================================================================
_ _ ____ __ ____ ____ _____
| | | | _ \/_ | _ \| _ \ / ____| SYS: Henk (hb1nos@hb1bbs.com)
| |__| | |_) || | |_) | |_) | (___ QTH: Ouwerkerk - JO11XO
| __ | _ < | | _ <| _ < \___ \ BBS: HB1BBS.ZLD.NLD.EU
| | | | |_) || | |_) | |_) |____) | QRV: 27.235 MHz (FM 1200bps)
|_| |_|____/ |_|____/|____/|_____/ WEB: www.hb1bbs.com
======================================================================
** Host of BPQ Netrom/Node NLDHUB::NL9HUB 85.214.163.10 UDP 93
======================================================================
** This message is generated with Sally 7.2.033
----------------------------------------------------------------------
** Timed woensdag 12 februari 2020 22:17 West-Europa (standaardtijd)
** BBS HB1PMS@HB1BBS.ZL.NLD.EU
Lese vorherige Mail | Lese naechste Mail
| |