(Redmond, WA, Wednesday, December 14, 2022) – Today Microsoft released the third edition of Cyber Signals, a quarterly intelligence brief on the state of the threat landscape, highlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security experts. This edition shares new insights on cyberthreats to critical infrastructure, emerging data around Information Technology (IT), Operational Technology (OT) and Internet-of-Things (IoT) risks, and best practice recommendations for enterprises.
While IoT increases rapidly and IT and OT become more cloud-connected, the boundaries between these spaces are converging, creating an expanded entry point for attackers to target exposed critical infrastructure.
As this growth continues, these devices are communicating with larger systems, collecting data, and introducing new connectivity across formerly obscured spaces. This edition stresses the importance of visibility within organizations into the number of IT, OT and IoT devices in their enterprise, where or how they converge, and the crucial data, resources, and utilities attainable within these devices.
Soundbites — Vasu Jakkal, Corporate Vice President of Microsoft Security
What does your data mean for critical infrastructure?
- OUR DATA INDICATES THAT CRITICAL INFRASTRUCTURE FACILITIES SUCH AS PIPELINES, UTILITY PLANTS OR MANUFACTURING CENTERS MAY BE MORE SUSCEPTIBLE TO BREACHES THAN WE’D HOPE. TODAY, 77 PERCENT OF CRITICAL INFRASTRUCTURE FACILITIES ARE OPERATING ON OUTDATED SOFTWARE, LEAVING THEM VULNERABLE TO THE KNOWN EXPLOITS CYBERCRIMINALS RELY ON.
What do you hope this prompts organizations to do?
- MICROSOFT HAS IDENTIFIED UNPATCHED, HIGH-SEVERITY VULNERABILITIES IN 75 PERCENT OF THE MOST COMMON INDUSTRIAL CONTROLLERS IN CUSTOMER OT. OUR HOPE IS TO PROMPT ORGANIZATIONS TO PRIORITIZE VISIBILITY INTO THE CONNECTIVITY OF IT, OT AND IOT DEVICES IN THEIR ENTERPRISE. THIS HELPS LIMIT THE PROBABILITY OF UNAUTHORIZED USERS ACCESSING CERTIFIED DATA. MICROSOFT ALSO RELEASED AN OPEN-SOURCE TOOL TO HELP INCIDENT RESPONDERS AND SECURITY SPECIALISTS BETTER UNDERSTAND THEIR ENVIRONMENTS AND INVESTIGATE POTENTIAL INCIDENTS.
What does this data have the capability to do?
- AS BUSINESSES BECOME MORE INFORMED AND UPDATE AND ULTIMATELY PROTECT THEIR SOFTWARE, WE HOPE TO SEE A DECREASE IN THE NUMBER OF CYBERATTACKS ON CRITICAL INFRASTRUCTURE, AND THEREFORE A DECREASE IN THE NUMBER OF THREATS TO EFFECTED COMMUNITIES.