Critical Infrastructure at Risk From Email Security Breaches

Over the past 12 months, the majority of the critical infrastructure (CI) sector has suffered an email-related security breach.

A study by Osterman Research, commissioned by CI security vendor OPSWAT, revealed that 80% of organizations were victims of an email-based security breach.

Even as criminal hackers target the sector, CI businesses fail to protect their systems. Osterman Research found that 75% of cyber threats to critical infrastructure arrived by email.

However, 63.3% of organizations believed their email security needed improving, and 48% “lacked confidence” in their existing email defences.

The researchers found that email was the primary vector for attacking the CI sector, with threats coming via phishing, malicious links, or malware-laden attachments. Yet, over half of organizations assumed that emails contained no threat.

Connected Systems

Osterman said the risks are made worse because key systems in critical infrastructure, especially operational technology, are now more likely to be connected to general-purpose IT networks and the Internet.

“IT networks and OT (operational technology) networks are increasingly linked. Significantly fewer OT networks are still air-gapped, and the digital transformation activities of the past decade have resulted in OT networks being connected to the Internet,” the researchers wrote.

This allows a successful email attack to spread laterally across the victim’s IT systems and on into OT networks.

Osterman Research found that phishing attacks, leading to compromised credentials, were the most common incident, followed by compromises of Microsoft 365 credentials. Data leakage was the third most common problem.

In addition, the researchers uncovered high levels of non-compliance among CI organizations. Only just over one in three organizations (34.4%) believed they were fully compliant with GDPR, and only 28% of EMEA organizations thought they were fully compliant.

Rising Threats

The research comes as critical infrastructure organizations expect threats against them to rise. Two-thirds of respondents expect phishing attacks to increase in the next year, and 40% expect to see more nation-state-backed attacks.

“Email attacks have continued to rise over the past few years, particularly targeting critical infrastructure organizations. Attacks are more frequent and evolving to bypass traditional security measures, making it clear that email remains the primary attack vector for cybercriminals,” Itay Glick, VP of products at OPSWAT, told Infosecurity.

“Email security often gets overlooked because many organizations operate under the assumption that basic protections, like spam filters or standard anti-malware, are sufficient,” Glick explained.

“It is often only after a successful breach that email security receives the attention it deserves, by which time the damage is already done.”

Source: https://www.infosecurity-magazine.com/news/critical-infrastructure-email/
