This document discusses key cyber risk trends in 2022, including the rise of AI-powered cyberattacks. AI-generated scripts are now appearing in malware to help create new variants faster. Ransom payments and reported cyber incidents reached record highs, while the time for stolen data to appear online fell below 7 days. Cyberattacks targeting non-traditional sectors like agriculture and renewable energy grew. Looking ahead, AI could enable new threats like large-scale botnet control and reverse decoys.
Capitol Tech Talk Feb 17 2022 Cybersecurity Challenges in Financial SectorCapitolTechU
Slides from a webinar presented by Capitol Technology University on Feb 17 2022 with Dr. Susan Goodwin presenting on "Cybersecurity Challenges in the Financial Sector."
Cisco 2017 Midyear Cybersecurity Report
Executive Summary
Executive Summary
For nearly a decade, Cisco has published comprehensive cybersecurity reports that are designed to keep security teams and the businesses they support apprised of
cyber threats and vulnerabilities—and informed about steps they can take to improve security and cyber-resiliency. In these reports, we strive to alert defenders to the
increasing sophistication of threats and the techniques that adversaries use to compromise users, steal information, and create disruption. Go to www.esgjrconsultinginc.com to learn more about Software/Network Engineering Solutions.
Michael Goldsmith and I presented an overview of cybersecurity capacity building and current research findings for delegates from across the Commonwealth nations. The first section of slides introduces the Global Cyber Security Capacity Centre (GCSCC), and the second part presents a comparative analysis of the status and impact of capacity building.
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
Cobus Valentine, Chief Commercial Officer at Global Command & Control Technologies on Cybersecurity Threats and Solutions for the Public Sector at #PublicSec2024.
Capitol Tech Talk Feb 17 2022 Cybersecurity Challenges in Financial SectorCapitolTechU
Slides from a webinar presented by Capitol Technology University on Feb 17 2022 with Dr. Susan Goodwin presenting on "Cybersecurity Challenges in the Financial Sector."
Cisco 2017 Midyear Cybersecurity Report
Executive Summary
Executive Summary
For nearly a decade, Cisco has published comprehensive cybersecurity reports that are designed to keep security teams and the businesses they support apprised of
cyber threats and vulnerabilities—and informed about steps they can take to improve security and cyber-resiliency. In these reports, we strive to alert defenders to the
increasing sophistication of threats and the techniques that adversaries use to compromise users, steal information, and create disruption. Go to www.esgjrconsultinginc.com to learn more about Software/Network Engineering Solutions.
Michael Goldsmith and I presented an overview of cybersecurity capacity building and current research findings for delegates from across the Commonwealth nations. The first section of slides introduces the Global Cyber Security Capacity Centre (GCSCC), and the second part presents a comparative analysis of the status and impact of capacity building.
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
Cobus Valentine, Chief Commercial Officer at Global Command & Control Technologies on Cybersecurity Threats and Solutions for the Public Sector at #PublicSec2024.
Network Security and Cryptography module. I started with Risk assessment in Task 1, explaining Risk Control in Task 2, Task 3 is a Network Diagram and Maintaining Security in Task 4 as well as Reflective commentary in Task 5.
Typically an IDS refers to a software application that monitors a network for intrusion or malicious
activity. It signals an alarm once an intrusion is detected. In this paper, an IDS based on Distributed
Machine Learning that detects phishing attacks and issues an alarm when the intrusion is detected has
been discussed. This is done by using SVM as the base algorithm. More on why SVM is used and how the
IDS can be applied to detect other types of intrusion has been discussed.
Vehicular Ad-hoc Network, its Security and Issues: A Reviewrahulmonikasharma
Vehicular ad hoc network (VANET) is a vehicle to vehicle (VVC) and roadside to vehicle (RVC) communication system. The technology in VANET incorporates WLAN and Ad Hoc networks to achieve the regular connectivity. The ad hoc network is brought forth with the objectives of providing safety and comfort related services to vehicle owners. Collision warning, traffic congestion warning, lane-change warning, road blockade alarm (due to construction works etc.) are among the major safety related services addressed by VANET. In the other category of comfort related services, vehicle users are equipped with Internet and Multimedia connectivity. The major research challenges in the area lies in design of routing protocol, data sharing, security and privacy, network formation etc. We aim here to study the overview of VANET and its security issues.
This publication covers two important aspects of information security governance: determining the security strategy approach and the strategy development process.
This publication covers two important aspects of information security governance: determining the security strategy approach and the strategy development process.
Web3 Security Reports for Informed Decision-Making and Risk Mitigation
Stay ahead of the curve with expertly crafted Web3 security reports that offer actionable insights and unparalleled analysis.
Web3 Security Outlook 2022
-> $4B were lost in 300+ security exploits in 2022
-> The report outlines all major hacks and security breaches that occurred in 2022.
-> The report also explores new technologies, such as Layer 2 and zero-knowledge proofs, the role of AI in securing the Web3 ecosystem, and offers essential technical measures for smart contract developers to mitigate vulnerabilities.
Protecting your Web3 assets and users from security threats is crucial but can be overwhelming.
That's why we have curated a series of expertly crafted reports that provide real-world examples and practical advice. Our engaging and informative reports are the ultimate resource for businesses and organisations operating in the Web3 space. Join us on the journey to a safer Web3 world.
Global Cyber Security Market: Insights & Forecast (2022-2026)Koncept Analytics
The global cyber security market is forecasted to reach US$297.2 billion in 2026, experiencing growth at a CAGR of 7.54% during the period spanning from 2022 to 2026. For more: vikas@konceptanalytics.com
#Protect2020: Securing the Heart of Our Election SystemsDevOps.com
It’s a pivotal moment in US history. We’re coming together on long-overdue civil reforms, battling injustice and a deadly pandemic, while restarting our economy. Soon we’ll come together to decide our nation’s future leaders. At a time when truth is called into question, it’s vital to secure our election so we trust its outcomes. Cyberattacks on election systems could undermine confidence just when we need it the most.
The voter registration database (VRDB) is the heart of most election systems, and MITRE recently published the most important security steps to protect them.
Join our lively discussion to learn:
The nature of election systems and why they’re difficult to secure
MITRE’s focus on VRDBs and five key cyber recommendations
How Cisco Security can help you take action on MITRE’s advice today
Machine Learning and AI: An Intuitive Introduction - CFA Institute MasterclassQuantUniversity
Learn how artificial intelligence (AI) and machine learning are revolutionizing financial services — this course will introduce key concepts and illustrate the role of machine learning, data science techniques, and AI through examples and case studies from the investment industry. The presentation uses simple mathematics and basic statistics to provide an intuitive understanding of machine learning, as used by financial firms, to augment traditional investment decision making.
This overview session offers a tour of machine learning and AI methods, examining case studies to understand the technology companies, data vendors, banks, and fintech startups that are the key players in trading and investment management. Practical examples and case studies will help participants understand key machine learning methodologies, choose an algorithm for a specific goal, and recognize when to use machine learning and AI techniques
Methods of Data Access in Cloud Computing and It’s Challenges in Network Secu...rahulmonikasharma
Cloud computing owes to its potency, value effectiveness, flexibility and quantifiability for being a trend setting technology. In this paper, a cloud computing and education based theory has been studied and analyzed. This paper is based on the utilizations of cloud computing services in network security and its applications.
The project is designed to developed a pick and place vehicle for picking and placing objects. Robotic vehicle is based on Bluetooth technology as we have already seen mobile controlled robot using dtmf technology and wireless controlled robots using rf modules having their own limitations. At the transmitting end robot is controlled by android device with an application installed in it working as a remote control to move forward backward left or right. At the receiving end five motors are used where two motors are used for body movement and remaining three motors are used for arm and gripper movement Bluetooth receiver receives the commands and gives it to the microcontroller circuit to drive the motors.This project is not limited to picking and placing but it can be enhanced to pick sensitive objects like bomb and can also be interfaced with camera so that user can view and control the operation from distance.
The Global Cybersecurity Market Size Was Valued at USD 133.13 Billion In 2021, And Is Projected to Reach USD 254.20 Billion By 2028, Growing at A CAGR of 9.68% From 2022 To 2028.
Safeguarding Data Privacy by Placing Multi-level Access Restrictionsrahulmonikasharma
People always tend to protect assets regardless of what they are. For example, a user may keep a memorable picture of his parents in a safe place. However, the degree of protection he provides is directly based on how much he values the assets. If the user highly value the picture of his great-grandparents, he might take an extra measure of precaution by copying it and placing it in a fireproof safe where it is guarded from most natural disasters and from theft, or he may just put it in a frame because he has many similar pictures or because he can reproduce it. Usage of Database management systems to store information in every aspect of an enterprise is rapidly growing. Every company need to protect all tangible assets like valuable information stored in a DBMS is often vital to the business interests of the organization and is regarded as a corporate asset of the company that must be protected. There is no doubt that a password is the key to opening a user account. The Stronger the password, the longer it takes a hacker to break in. User authentication depends on a password to ensure the user account’s identity. Since organizations increase their implementation of database systems as the key data management technology for regular operations and decision making, the security of data managed by these systems is an important task.
In this report, as we do regularly for our customers, fellow
security researchers and other leading ISPs, we are offering
the IT community the same unique insights we use to protect
ourselves and our customers with the goal of regaining the
upper hand from cybercriminals. This intelligence varies from
other industry threat reports because it is based exclusively
on what CenturyLink® Threat Research Labs sees across the
CenturyLink global backbone.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
How do you market products and services that are based on new tech? How do you drive adoption, scale and customer experience? How can you reach audiences in tough markets while keeping the cost per lead low? How do you market IoT, Blockchain and AI based products? Find out in this deck. I have used real life use cases and examples here.
More Related Content
Similar to IoT and OT Threat Landscape Report 2023
Network Security and Cryptography module. I started with Risk assessment in Task 1, explaining Risk Control in Task 2, Task 3 is a Network Diagram and Maintaining Security in Task 4 as well as Reflective commentary in Task 5.
Typically an IDS refers to a software application that monitors a network for intrusion or malicious
activity. It signals an alarm once an intrusion is detected. In this paper, an IDS based on Distributed
Machine Learning that detects phishing attacks and issues an alarm when the intrusion is detected has
been discussed. This is done by using SVM as the base algorithm. More on why SVM is used and how the
IDS can be applied to detect other types of intrusion has been discussed.
Vehicular Ad-hoc Network, its Security and Issues: A Reviewrahulmonikasharma
Vehicular ad hoc network (VANET) is a vehicle to vehicle (VVC) and roadside to vehicle (RVC) communication system. The technology in VANET incorporates WLAN and Ad Hoc networks to achieve the regular connectivity. The ad hoc network is brought forth with the objectives of providing safety and comfort related services to vehicle owners. Collision warning, traffic congestion warning, lane-change warning, road blockade alarm (due to construction works etc.) are among the major safety related services addressed by VANET. In the other category of comfort related services, vehicle users are equipped with Internet and Multimedia connectivity. The major research challenges in the area lies in design of routing protocol, data sharing, security and privacy, network formation etc. We aim here to study the overview of VANET and its security issues.
This publication covers two important aspects of information security governance: determining the security strategy approach and the strategy development process.
This publication covers two important aspects of information security governance: determining the security strategy approach and the strategy development process.
Web3 Security Reports for Informed Decision-Making and Risk Mitigation
Stay ahead of the curve with expertly crafted Web3 security reports that offer actionable insights and unparalleled analysis.
Web3 Security Outlook 2022
-> $4B were lost in 300+ security exploits in 2022
-> The report outlines all major hacks and security breaches that occurred in 2022.
-> The report also explores new technologies, such as Layer 2 and zero-knowledge proofs, the role of AI in securing the Web3 ecosystem, and offers essential technical measures for smart contract developers to mitigate vulnerabilities.
Protecting your Web3 assets and users from security threats is crucial but can be overwhelming.
That's why we have curated a series of expertly crafted reports that provide real-world examples and practical advice. Our engaging and informative reports are the ultimate resource for businesses and organisations operating in the Web3 space. Join us on the journey to a safer Web3 world.
Global Cyber Security Market: Insights & Forecast (2022-2026)Koncept Analytics
The global cyber security market is forecasted to reach US$297.2 billion in 2026, experiencing growth at a CAGR of 7.54% during the period spanning from 2022 to 2026. For more: vikas@konceptanalytics.com
#Protect2020: Securing the Heart of Our Election SystemsDevOps.com
It’s a pivotal moment in US history. We’re coming together on long-overdue civil reforms, battling injustice and a deadly pandemic, while restarting our economy. Soon we’ll come together to decide our nation’s future leaders. At a time when truth is called into question, it’s vital to secure our election so we trust its outcomes. Cyberattacks on election systems could undermine confidence just when we need it the most.
The voter registration database (VRDB) is the heart of most election systems, and MITRE recently published the most important security steps to protect them.
Join our lively discussion to learn:
The nature of election systems and why they’re difficult to secure
MITRE’s focus on VRDBs and five key cyber recommendations
How Cisco Security can help you take action on MITRE’s advice today
Machine Learning and AI: An Intuitive Introduction - CFA Institute MasterclassQuantUniversity
Learn how artificial intelligence (AI) and machine learning are revolutionizing financial services — this course will introduce key concepts and illustrate the role of machine learning, data science techniques, and AI through examples and case studies from the investment industry. The presentation uses simple mathematics and basic statistics to provide an intuitive understanding of machine learning, as used by financial firms, to augment traditional investment decision making.
This overview session offers a tour of machine learning and AI methods, examining case studies to understand the technology companies, data vendors, banks, and fintech startups that are the key players in trading and investment management. Practical examples and case studies will help participants understand key machine learning methodologies, choose an algorithm for a specific goal, and recognize when to use machine learning and AI techniques
Methods of Data Access in Cloud Computing and It’s Challenges in Network Secu...rahulmonikasharma
Cloud computing owes to its potency, value effectiveness, flexibility and quantifiability for being a trend setting technology. In this paper, a cloud computing and education based theory has been studied and analyzed. This paper is based on the utilizations of cloud computing services in network security and its applications.
The project is designed to developed a pick and place vehicle for picking and placing objects. Robotic vehicle is based on Bluetooth technology as we have already seen mobile controlled robot using dtmf technology and wireless controlled robots using rf modules having their own limitations. At the transmitting end robot is controlled by android device with an application installed in it working as a remote control to move forward backward left or right. At the receiving end five motors are used where two motors are used for body movement and remaining three motors are used for arm and gripper movement Bluetooth receiver receives the commands and gives it to the microcontroller circuit to drive the motors.This project is not limited to picking and placing but it can be enhanced to pick sensitive objects like bomb and can also be interfaced with camera so that user can view and control the operation from distance.
The Global Cybersecurity Market Size Was Valued at USD 133.13 Billion In 2021, And Is Projected to Reach USD 254.20 Billion By 2028, Growing at A CAGR of 9.68% From 2022 To 2028.
Safeguarding Data Privacy by Placing Multi-level Access Restrictionsrahulmonikasharma
People always tend to protect assets regardless of what they are. For example, a user may keep a memorable picture of his parents in a safe place. However, the degree of protection he provides is directly based on how much he values the assets. If the user highly value the picture of his great-grandparents, he might take an extra measure of precaution by copying it and placing it in a fireproof safe where it is guarded from most natural disasters and from theft, or he may just put it in a frame because he has many similar pictures or because he can reproduce it. Usage of Database management systems to store information in every aspect of an enterprise is rapidly growing. Every company need to protect all tangible assets like valuable information stored in a DBMS is often vital to the business interests of the organization and is regarded as a corporate asset of the company that must be protected. There is no doubt that a password is the key to opening a user account. The Stronger the password, the longer it takes a hacker to break in. User authentication depends on a password to ensure the user account’s identity. Since organizations increase their implementation of database systems as the key data management technology for regular operations and decision making, the security of data managed by these systems is an important task.
In this report, as we do regularly for our customers, fellow
security researchers and other leading ISPs, we are offering
the IT community the same unique insights we use to protect
ourselves and our customers with the goal of regaining the
upper hand from cybercriminals. This intelligence varies from
other industry threat reports because it is based exclusively
on what CenturyLink® Threat Research Labs sees across the
CenturyLink global backbone.
Similar to IoT and OT Threat Landscape Report 2023 (20)
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
How do you market products and services that are based on new tech? How do you drive adoption, scale and customer experience? How can you reach audiences in tough markets while keeping the cost per lead low? How do you market IoT, Blockchain and AI based products? Find out in this deck. I have used real life use cases and examples here.
State of the internet of things (IoT) market 2016 editionPrayukth K V
2015 was the year IoT gained legitimacy.
Businesses budged off a “start small think big” mindset.
In 2016, they’re building IoT into future strategies and
business models. Companies across all industries now
have IoT squarely on their radar. The worldwide Internet
of Things market spend will grow from $591.7 billion
in 2014 to $1.3 trillion in 2019 with a compound annual
growth rate of 17%. The installed base of IoT endpoints
will grow from 9.7 billion in 2014 to more than 25.6 billion
in 2019, hitting 30 billion in 20201.
Architecture for India's Smart Cities projectPrayukth K V
India is working towards having 100 smart cities in the near future. The thrust is on leveraging smart solutions and strategies that enable cities to use technology, information and data to improve infrastructure, deliver better civic amenities, services and governance to citizens. This Smart Cities Architecture can serve as primer for this effort.
The Fintech 100 includes leading 50 fintech
companies across the globe, and the most intriguing
50 ‘emerging stars’ – exciting new fintechs with bold,
disruptive and potentially game-changing ideas –
expanding on the success of last year’s list. Presented here strictly for academic purposes...
Drones and the Internet of Things: realising the potential of airborne comput...Prayukth K V
This paper focuses on services and applications provided to mobile users using airborne computing infrastructure. Concepts such as drones-as-a-service and flyin,fly-out
infrastructure, and note data management and system
design issues that arise in these scenarios are discussed. Issues of Big Data arising from such applications, optimising the configuration of airborne and ground infrastructure to provide the best QoS and QoE, situation-awareness, scalability, reliability, scheduling for efficiency, interaction with users and drones using physical annotations are outlined.
Evolving a wearables marketing strategy in 2015Prayukth K V
How marketers can work towards integrating wearables such as Apple Smartwatch, Googles Glass and personal healthcare devices into their marketing gameplan
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
IoT and OT Threat Landscape Report 2023
1.
2. www.sectro.com 02
1. Data collection and research methodology _____________________________4
2. An intriguing year for cyber defenders everywhere _________________________5
3. Rising cyber insurance premiums indicate heightened cyber risks. _______________5
4. Key cyber risk trends that defined 2022 ________________________________6
a. AI-powered cyberattacks are now a reality. _____________________________7
b. Cyberattacks driven by geo-political and geo-economic considerations. ________9
5. Why are cyberattacks rising? _____________________________________10
a. Growth in cyberattacks across OT, IoT, IIoT and IoMT ________________________11
6. ICS vulnerabilities continue to haunt enterprises. _________________________12
7. Soft targets ________________________________________________12
8. Expanding threat surface ________________________________________13
a. Threat actor focus: APT41’s expanding _________________________________15
b. The economic threat from APT 41 ____________________________________15
9. Major APT actors and their activities in 2022 ____________________________16
a. Industrial espionage _____________________________________________17
b. Russian APT activity ______________________________________________19
c. Chinese APT activity ______________________________________________21
10. Lockbit RAAS and its disruptive impact on the threat environment _______________24
a. Understanding the Lockbit ransom model _____________________________25
b. Ransomware spectrum and footprint analysis __________________________26
c. Black Basta ___________________________________________________27
11. Geographical distribution of cyberattack on IoT and OT in 2022_________________27
a. Which countries are getting attacked and why?__________________________28
b. Percentage of attacks tagged to the countries of origin ____________________28
c. Top countries of origin for APT actors__________________________________29
12. What is being attacked and why? __________________________________30
a. Key APT cluster under observation ____________________________________31
b. The rising cost of ransom __________________________________________31
c. Attacks on sectors_______________________________________________32
d. Most attacked countries in cyberspace________________________________33
e. Most attacked countries on a per capita basis___________________________34
f. Cities drawing the maximum cyberattacks _____________________________35
g. Time to monetize________________________________________________36
h. Days took to discover a cyberattack rises ______________________________36
13. Malware sources _____________________________________________37
a. Malware origin _________________________________________________37
b. Top Ports attacked ______________________________________________38
c. Types of attacks and frequency _____________________________________39
14. CISO sentiment in 2022 _________________________________________39
a. Key findings of the IoT and OT CISO survey______________________________39
Table of contents
3. 03
www.sectro.com
15. North America ______________________________________________40
a. Sectors drawing Cyberattacks in North America __________________________41
b. Percentage of sophisticated attacks__________________________________42
c. Impact of the Ukraine war on North American cyberspace __________________43
d. The Colonial Pipeline attack continues to haunt __________________________43
e. Ransomware and APT actors active in the region_________________________44
16. South and Central America ______________________________________44
a. Most attacked countries in the region _________________________________45
b. Most attacked sectors ____________________________________________45
c. Regional APTs __________________________________________________46
d. Common traits of regional APT players ________________________________46
17. Europe _______________________________________________46
a. The volume of sophisticated attacks__________________________________47
b. Where are the cyber threats to Europe coming from?______________________48
c. Most attacked countries __________________________________________48
d. What is getting attacked? _________________________________________48
e. Attacks on Ukraine_______________________________________________49
f. The sequence of attacks on Ukraine __________________________________50
g. The axis of cyberattacks in Europe ____________________________________51
h. Top Zone 1 countries and the volume of associated cyberattacks _____________52
i. Common TTPs used by hackers in Europe ______________________________52
j. Espionage operations ____________________________________________52
18. Asia-Pacific and Oceania _______________________________________53
a. Most attacked countries in the region _________________________________54
b. Specific regional tactics___________________________________________54
c. Most attacked sectors in the region __________________________________55
d. India ________________________________________________________55
i. Strategy and objectives behind the targeted sectors __________________56
ii. Scale of data theft __________________________________________57
iii. Compromise attempts logged in the manufacturing sector _____________58
e. Target systems _________________________________________________58
f. The AIIMS attack: breaching the healthcare frontier. _______________________59
g. Virtual bot farms ________________________________________________60
19. Middle East and Africa _________________________________________60
a. What is getting attacked? _________________________________________61
b. Motivation factor for bad actors _____________________________________61
c. Top APT groups in the regio ________________________________________61
d. Systemic attacks in the region ______________________________________62
e. Most attacked countries in the region _________________________________63
f. Targeted attacks on utilities and oil and gas ____________________________63
g. The football World Cup and cyberattacks ______________________________63
h. What can the region look forward to in 2023? ___________________________64
20. Major cyberattacks in 2022 ______________________________________65
4. 04
www.sectro.com
This report has been prepared from threat
intelligence gathered by our honeypot
network which is today operational in over
80 cities across the world. These cities have
at least one of these attributes:
• Are landing centers for submarine cables
• Are internet traffic hotspots
• Are targeted by APT groups or other
sophisticated hackers
• House multiple IoT projects with a high
number of connected endpoints
• House multiple connected critical
infrastructure projects
• Have academic and research centers
focusing on IoT and OT
• Have the potential to host multiple IoT
projects across domains in the future
Over 18 million attacks a day registered
across this network of individual honeypots
are studied, analyzed, categorized, and
marked according to a threat rank index, a
priority assessment framework, that we have
developed within Sectrio. The network
includes over 8000 physical and virtual
devices covering over 4000 device
architectures and varied connectivity flavors
globally. Devices are grouped based on the
sectors they belong to for purposes of
understanding sectoral attacks. Thus, a
layered flow of threat intelligence is made
possible.
Sectrio’s threat surveillance net runs across
hackers' forums, malware platforms, IM
chats, the Dark Web, and other validated
avenues where threat actors
congregate/collaborate. Our surveillance
net gives our threat intelligence more depth
and relevance giving more latitude to bring
out insights that are exclusive to Sectrio
This data is analyzed thread-bare by our
global threat research team. The analysis
focuses on these areas:
• Unearthing new threats and variants of
existing threats
• Correlating the behavior of threats with
threat surface areas, institutional
practices, breach tactics, and security
outcomes
• Understanding how the threat
environment is evolving
• Preparing and sharing advisories
This report provides a context for the
evolving threat landscape as well. The
context is divided into three parts:
• Triggers and actors: what are threat
actors up to: analyzed at tactical and
strategic levels; how are malware
evolving
• Enablers: what institutional gaps are
aiding the growth in cyberattacks [with
inputs from CISOs]
• Impact: how are such trends impacting
cybersecurity and enterprises and
governments everywhere
Key findings are published by us every year
to enable businesses, decision-makers,
academicians, students, CISOs, and those
interested in cybersecurity to gain a
comprehensive understanding of the
evolving threat environment that envelops
IoT deployments and OT installations and
derive appropriate responses to prevent,
contain and dissuade such attacks.
Data collection and research
methodology
5. 05
www.sectro.com
To try our IoT and OT threat intelligence
feeds for free, please visit this link
For more information on the malware and
attacks analyzed in this report, please visit
the malware reports section of our website.
More information on the data and the cyber
incidents mentioned in this report is
available in the blog section of our website.
To access the CISO Peer Survey 2022, visit
this link
To access our datasets, reach out to us at
Additional resources
Cumulative value of published global
cyber ransom payments in 2022
[Across individuals, governments and
businesses]
US$ 4.3 billion
If there was ever a year that highlighted the
need for ramping up cybersecurity
measures and investments, then this was it.
Looking at 2022 from the vantage point of
cybersecurity, it becomes difficult, if not
impossible to summarize this year. With
geopolitical events in diverse geographies
dictating the narrative, we did see the
impact of the growing footprint of Advance
Persistent Threat actors across the Middle
East, South Asia, North America, and
Southeast Asia.
Manufacturing firms, aerospace and
defense contractors, telcos, schools, oil and
gas companies, and healthcare providers
were among the most targeted segments in
2022. Attacks on manufacturers across
segments rose significantly in 2022
indicating the continuing attention this
segment is receiving from hackers.
Surprisingly, data stolen from some of the
victims linked to attacks in early January
2022 is still for sale on a few forums as part of
the original data block it was part of.
An intriguing year for cyber
defenders everywhere
Cyber risk insurance premiums rose for the
second year in a row in 2022. Cyber risk
insurance for financial firms witnessed a rise
of anywhere between 10-100 percent in 2022.
Increasing attacks on enterprises and the
resultant scale of disruption and revenue
impact have together forced insurers to limit
their exposure to losses arising from cyber
incidents.
The direct-written premiums for cyber
insurance collected by U.S. insurance
carriers in 2021 grew by 92% year over year,
according to the National Association of
Insurance Commissioners1
. The rising
premiums are in some instances forcing
enterprises to take a pick between going for
a costly insurance premium or investing in
better security controls2
.
Rising cyber insurance
premiums indicate
heightened cyber risks
The attacks on healthcare providers are
especially worrying as security measures
and security awareness in the healthcare
sector are either non-existent or misaligned
with the diverse threats that the sector is
being increasingly exposed to.
Independent hackers are attacking
healthcare providers for monetary
considerations while the APT groups are
playing with a different goal in mind. Chinese
APT actors who breached multiple
healthcare institutions in India and UK were
after the healthcare records of specific
persons of interest
link
link
section of our website.
section of our website.
section of our website.
section of our website.
CISO Peer Survey
CISO Peer Survey
reach out to us at
reach out to us at
6. 06
www.sectro.com
Country Sector Notes
Premium cost
per US$ million
cover in 2022
Percentage
rise range
USA Banking There were also instances where
the premium rates had gone up
by as much as 300 percent
(cases where the company had
reported a breach in the last 12
months). Insurance may be
denied if the institution is unable
to prove that it has robust
controls in place.
20,000 50-100
USA Manufacturing Earlier it was not uncommon for
a midsize firm to have $10 million
in coverage, that same firm is
now being offered $5 million or
less by most carriers. Specifically,
if firms are determined to be of
high risk, insurers are less likely to
offer them a higher coverage
limit or coverage altogether.
15,000 120
India Enterprise There are various coverage
models deployed by insurers, the
rates vary widely across the
industry. For instance, an
enterprise opting for multiple
products from the same insurer
gets nearly a 7 percent rebate
over listed/quoted premiums.
Approx: 5 USD
per employee/
USD 2066 per
million cover
Data not
available
USA Government
(County)
If counties do not satisfy more
stringent norms and security
control requirements, insurers
may even reject a renewal
40,000 100
Premiums per US$ million of coverage
Cybersecurity insurance premiums will rise significantly in 2023. With more businesses opting for
cybersecurity insurance and growing threats, insurers will look at ways to reduce the risk load.
Key cyber risk trends that
defined 2022
• Cyberspace became a riskier place to be
in 2022: cyberattacks globally grew by a
staggering 188 percent in 2022. Over 95
percent of all businesses were exposed
to cyberattacks of one form or other this
year ranging from Business Email
Compromise all the way to data theft
and loss of assets and capital
investments
• The reinfection of networks belonging to
enterprises that did not pay a ransom
after an attack but restored their
networks was done many times this year.
In some instances, even victims who paid
a ransom found their assets being
reinfected within days of paying the
ransom
• The emergence of a new hacker
eco-system centered around Lockbit 3.0
variants: in addition to new hacker
groups, the new variants also hastened
the evolution of new tactics to target
7. 07
www.sectro.com
segments such as healthcare and
schools. Lockbit 3.0 has also paved the
way for the emergence of new groups
that are light on capabilities and tech
and rely on other actors who supply the
variant to these groups for targeting.
• Consolidation of APT groups. A few
groups turned inactive this year while a
few such as Dark Pink went active out of
the blue in June this year
• Ransom payments and the number of
reported cyber incidents touch a record
high
• Time taken for stolen data to appear on
various forums fell below 7 days for the
first time
• Severe degradation in the cyber offense
capabilities of known Russian APT and
independent groups
• Several Russian hackers formerly
associated with known Russian APT
groups are now offering their services to
non-government customers
• With the emergence of more targets,
hackers are investing more capital and
time in evolving autonomous malware
such as Botenago. In such cases, the first
level of targeting and engagement is
automated and the hacker doesn’t have
to be involved. The malware then targets
multiple vulnerabilities to exploit and
once it latches on to the right exploit, a
backdoor is opened and kept open for
the next wave of attacks
• The latest system to appear on the target
list of hackers is a large-scale backup
system. As an offshoot of distributed
power supply and distribution systems,
hackers could have discovered the value
of these systems while they were
targeting renewable energy projects in
Europe.
• Attacks on non-traditional sectors such
as agricultural farms and renewable
energy projects are growing at
unprecedented rates. Such attacks are
designed to increase the rate of inflation
in select countries by increasing energy
and food prices.
AI-generated scripts are now being
encountered in the wild. To understand the
specific threats associated with the misuse
of AI, we need to classify AI threats into two
broad categories viz., short-term and
long-term. Short-term threats are already
manifesting or will manifest in 2023 while
the long-term ones could take more than a
year to manifest their potency.
AI-powered cyberattacks
are now a reality
8. 08
www.sectro.com
Threat Manifestation timeframe
Impact
AI-written scripts are
added to create newer
malware variants
Immediate threat
The faster appearance of variants of potent
malware and the appearance of new threat
actors who are utilizing this malware
AI-based reply chain
email attacks
Short term
Trained bots could intercept emails to break into
mail conversations to trick employees to
download malicious payload
AI-powered malware
evolution models.
AI-based no/low
touch malware
development
Immediate threat
The evolution of newer malware will now be a
faster affair as bad actors fine-tune malware
development processes. AI will be used to probe
systems and networks for vulnerabilities to exploit.
New malware or modified malware could be used
to weaponize these exploits. Such malware could
be coded with low or negligible human
intervention
Large-scale bot farm
control
Long term
AI will be managing bot farms across geographies
turning them on and off based on the need to
carry out attacks or to evade detection. This will
make it tough to detect and shut down the bot
farms
Reverse decoys Short term
To lure and trap employees and
privilege/credential holders to share data by
using large honeypot networks that pose as
extended asset ecosystems. AI will be used to
create these true-to-life digital twins
AI-based supply chain
attacks
Long term
Poisoned datasets could be inserted in supply
chain management software during the
calibration phase to generate the wrong output.
This could lead to production shutdowns or
aggregation of certain raw materials or
production inputs at the wrong time. In the
automotive and other critical sectors, AI-powered
malware could keep backdoors open in critical
components like semiconductor chips.
• In September, Sectrio’s researchers
unearthed a Lockbit 3.0 variant which was
modified using some form of AI-based
scripting. While the edits were rudimentary
and the malware was easily detected, the
code edits presented some unique
challenges:
• This could be an attempt by hackers to
test the waters with AI
• Code changes included the insertion of
garbage codes at various points to make
the ransomware invisible to
signature-based security tools
• The changes were not very significant
and were probably carried out by
someone who didn’t want to weaponize
this ransomware. The hacker/malware
author could have given up early
• Either way, it does set the context for more
malware authors to use AI to do basic
code-level changes in the future
Hierarchy model for AI-powered cyberattacks
Repeat
Ransom tracking
Attack exn & monitoring
Aligning tools with exploits
Dataset validation and scripting
Dataset creation using a large data pool
9. 09
www.sectro.com
From an execution standpoint, by the end of
2023, we will see the entire lifecycle of an
attack being managed entirely through
AI-based tools. Right now AI is being used by
hackers in a few areas of the overall lifecycle
of an attack and this will change soon.
An Artificial Intelligence tool could identify
potential targets, scan target networks and
devices, locate entry exploits, leverage these
exploits, deploy payloads, coordinate
malware movement, harvest data and
deploy or even generate erasure-proof
payloads by utilizing the resources available
in the target network. The footprint of these
operations will be kept minuscule to evade
detection systems.
We have evidence that points to multiple
such use cases being tried out by hackers.
The Lockbit group is trying out a new tool
that automates follow-ups with the victim
for ransom collection.
• Cyberattacks motivated by geo-political
considerations (including those traced
back to known hacktivist groups) rose by
a staggering 288 percent in 2022.
Sectrio’s threat researchers used various
means to ensure the correct attribution.
The process (influenced by Carnegie
Endowment for Peace)3
followed
included these steps:
• Investigation and event characterization:
this step covers an analysis of the event,
context, TTPs, actors involved, evasive and
obfuscation maneuvers, timing, tactic
signatures, potential motivations, and
reasons for choosing a particular target
• Clustering the attack: based on
previously observed patterns the attack
is categorized
• Post-event claims: verifiable claims
including ransom demand, mode of
payment, and other claims made by the
hacker group
• Data released: the forums in which data
dumps appear often indicate a known
pattern that can be mapped back to a
known threat actor
• Verifiable chatter in known hacker forums
A revision of playbooks?
While in the past many attacks emerged in
the immediate aftermath of a geopolitical
event, from the year 2021, we are seeing
deferred attacks or attacks that emerge
without being anchored to a geopolitical
tremor in the real world. This could be
because the countries that are hosting APT
groups or state-backed hacker agencies
have revised their playbooks. The number
one priority agenda item for APT groups is to
create a nuisance value for the victim
through cyberattacks and all groups are
aware of the fact that any attack could invite
a swift reprisal from the target country’s APT
groups or actors backed by them. Such
attacks could also escalate into an all-out
armed conflict between the countries
involved.
Cyberattacks driven by
geo-political and
geo-economic considerations
Russian ransomware group Conti group
carried out a brazen attack on the Costa
Rican government in April 2022. Over 5
days, the hacker group using various forms
of privilege escalation and manipulation,
managed to exfiltrate data and encrypt
data.
Whle the exact ransom asked for remains
unknown, we do know that the hackers
managed to deploy remote access tools to
ensure continued access to key systems in
case the initial access is lost. This added
another tactic to the already expanding
playbook that hackers are using to create
and exploit breaches.
10 days later Conti group started winding up
Conti signs off with a large
attack on Costa Rican
government
10. 10
www.sectro.com
Geoeconomics is another factor driving
cyberattacks. The motives behind such
attacks could include:
• Disruption of supply chains supporting
the economy of a country considered an
adversary
• IP theft for deriving gain at a
macroeconomic level
• To create a regional resource imbalance
• Deprive an adversary country of
resources critical to its economy
• Disrupt the economic potential of an
adversarial country
• Impose a critical infrastructure
restoration cost on another country
• Lower the investment potential
State-backed cyberattacks have become
an option of choice for many countries to
extract an economic cost for actual or
perceived grievances. The targets for such
attacks are carefully chosen to ensure
maximum impact in terms of costs. In 2022,
we saw attacks on critical infrastructure
across various countries including attacks
on the financial backbones such as stock
exchanges and banking infrastructure,
social security systems, mass transit
services, and ports. Such cyberattacks are
designed to create long-term financial
disruption either in terms of the costs of
reconstruction or the costs incurred due to
the infrastructure being rendered unusable.
2022. Many of these devices including
smart cameras, vehicle tracking devices,
and personal gadgets lack any form of
security other than a password. These
devices also have chips and firmware
with stealthy backdoors (with regular
C&C communication) and often send
data to servers located in countries
without adequate data security laws.
Such devices could be hijacked to serve
as conduits to enable DDoS attacks or to
pass on infected traffic
• Expansion of threat surface area: with the
unchecked addition of untested devices
with questionable supply chain origins
and lack of security audits and testing, it
was only a matter of time before these
devices and networks turned into an
opening for malware and hackers to
exploit.
• In sectors like oil and gas, earlier, many
traditional activities such as site
exploration and geo-probing were all
conducted in complete isolation. Today,
however, such activities are being
conducted with the involvement of
connected systems with basic levels of
security. With more activities being
digitized without adequate attention to
security new risks have emerged.
• Malware development and release
cycles have shrunk: in October 2022
alone, we saw the emergence of 7 new
variants of Lockbit 3.0 emerge in the wild
in quick succession. With the emergence
of new players, the demand for new and
unique malware has risen significantly.
Currently, this demand is being met
through variants of existing malware. In
2023, however, we expect more potent
malware to emerge than ever before.
This trend is also being aided by the
emergence of Zero days and the
development of malware in unknown
labs and research centers belonging to
private hacker groups.
• Sectors such as space tech are being
targeted through firmware trojans
• Expanding data dumps on the Dark Web
Why are cyberattacks
rising?
Here are some of the unique reasons:
• The number of phishing emails
intercepted by Sectrio’s threat research
team has gone up by 779 percent in 2022.
Over 112,00,000 phishing emails were
intercepted by Sectrio’s threat researchers
across domains. According to US CISA4
“More than 90% of successful
cyber-attacks start with a phishing email.”
• The sale of compromise-prone IoT
devices (or even pre-compromised
devices) has continued unabated in
11. 11
www.sectro.com
• Rise of APT-trained actors and threat
actors who are carrying out cyberattacks
in the guise of hacktivism
• Sophisticated actors are now acting with
more knowledge of the processes and
systems to be targeted. In the cement
manufacturing sector, we saw attacks on
heat recovery systems and health
instrumentation systems. Easy
availability of components from the
pre-owned market and elsewhere is
enabling hackers to build digital twins on
sandbox environments to play out
security responses from enterprises and
to figure out workarounds. Such devices
and their digital counterparts are also
helping hackers uncover Zero days which
• Quantitatively, IoMT devices registered the maximum growth in attacks
(starting from a low base)
• OT registered the 4th
consecutive year of rising attacks
• IIoT and OT attracted the highest number of sophisticated attacks
• APT actors accounted for about 39 percent of all attacks on OT
• IIoT and IoMT devices were mostly attacked by independent hackers
are then sold on the Dark Web and other
places through a sale or via an online
auction.
• Unsecured OT networks are accessible
through the internet. This provides an
opening for hackers to access other parts
of the enterprise network including WiFi
networks that connect with non-corporate
devices and equipment. In one instance
Sectrio’s researchers uncovered a
convergence of a corporate network with
the WiFi network of a facility used by the
senior management of an enterprise. This
means that all corporate communications
and mail and other communication can
potentially be sniffed by hackers or
embedded malware.
Growth in cyberattacks across OT, IoT, IIoT and IoMT
Logged growth (%)
20
20
0
0
40
40
60
60
80
80
100
100
120
120
91
91
OT
OT
65
65
IOT
IOT
102
102
IOMT
IOMT
73
73
IIOT
IIOT