It’s with great pleasure that we announce that Forescout has been awarded with “Overall IoT Security Solution of the Year” for our Forescout Continuum Platform in the 6th annual CyberSecurity Breakthrough Awards. This is the second consecutive year Forescout has been an award recipient in the CyberSecurity Breakthrough Awards in recognition of the support we offer to our customers and the larger cybersecurity industry.
Government agencies rely on IoT and OT devices to carry out their missions and manage everything from security cameras and personal identity verification (PIV) card readers that monitor and control access to facilities and data, to environmental controls that improve comfort, safety and efficiency. Data centers couldn’t operate around the clock without tightly controlled air conditioning, electricity and other physical infrastructure, much of which relies on IoT.
On September 12, the FBI released a private industry notification entitled “Unpatched and Outdated Medical Devices Provide Cyber Attack Opportunities.” The notification underscores how a growing number of vulnerabilities in medical devices and Internet of Medical Things (IoMT) assets can be exploited by threat actors to “impact healthcare facilities’ operational functions, patient safety, data confidentiality and data integrity.”
Throughout the first half of 2022, Vedere Labs published analyses of prominent ransomware families, such as Conti, Night Sky and ALPHV. We also examined well-known ransomware incidents such as the attacks on the NFL’s SF 49ers by the BlackByte group; on a UK water utility, where the Clop gang managed to access their SCADA system; and on an NHSsoftware provider, where an unknown group managed to disrupt healthcare services in the UK for weeks.
In our companion blog post, Vedere Labs analyzed the main ransomware trends we observed in the first half of 2022, including state-sponsored ransomware, new mainstream targets and evolving extortion techniques. Ransomware is the main threat targeting most organizations nowadays. However, three other notable cyberthreat trends also evolved during this period: Below we analyze each of these trends in more detail.
Many industries are affected by skills gaps, but according to Cybersecurity Ventures, the shortage within the IT/cybersecurity sector is nearly unmatched: Over an eight-year period, the number of unfilled cybersecurity jobs increased from one million positions in 2013 to 3.5 million in 2021.
On August 4, 2022, Advanced – a major software provider for the UK’s National Health System (NHS) and other healthcare customers – suffered a ransomware attack from a group that is still unknown to the public. The attack disrupted NHS services including ambulance dispatch, appointment bookings, patient referrals and emergency prescriptions.
Vedere Labs recently developed a proof-of-concept (PoC) ransomware for IoT (R4IoT) using as an example attack scenario a hospital network containing IoT devices such as IP cameras, IT workstations and OT in the form of building automation controllers.
On August 15, the Clop ransomware group announced on their leak website the breach of South Staffordshire Water, a privately owned UK water supply company. This attack is yet another example of ransomware gangs targeting critical infrastructure expecting to receive a big payout, which is reminiscent of hundreds of previous incidents, including the well-known Colonial Pipeline and JBS attacks.
For decades, IT and operational technology/industrial control systems (OT/ICS) were seen as separate entities within organizations. In keeping with practices first defined by the Purdue Enterprise Reference Architecture, the two systems were entirely air gapped to never impact one another. While this separation kept OT networks more protected, it is no longer practical.
