Forescout Research recorded more than 420 million cyberattacks on critical infrastructure, including the healthcare industry, between January and December 2023. That is 13 attacks per second, a 30% increase from 2022, according to Forescout.
Forescout unveiled the global findings of recorded attacks in its Adversary Engagement Environment (AEE) in the new report, “2023 Global Threat Roundup.” The AEE is maintained by Vedere Labs, a global team dedicated to uncovering vulnerabilities in and threats to critical infrastructure.
Despite the formidable challenges posed by the ongoing surge in cyber-activity, Forescout believes there is an optimistic path forward.
“While it’s true that current efforts have fallen short in fully harnessing crucial technology to fortify critical assets and assess risks, there is an opportunity for improvement,” said Elisa Costante, VP of research at Forescout Research – Vedere Labs.
Exploits against software libraries are declining due to the waning popularity of Log4j exploits. This lull has given rise to a surge in exploits targeting network infrastructure and Internet of Things (IoT) devices.
Among IoT devices, IP cameras, building automation systems, and network-attached storage are the most sought-after targets for malicious actors.
Only 35% of exploited vulnerabilities appeared in the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) list. This divergence emphasizes the need for a proactive and comprehensive approach to cybersecurity that goes beyond reliance on known vulnerability databases.
Threat actors have cast a wide net, impacting 163 countries. The United States is the primary target, with 168 malicious actors setting their sights on the nation. Other targeted countries include the United Kingdom (88), Germany (77), India (72), and Japan (66).
The usual suspects boast high concentrations of threat actors: China (155), Russia (88), and Iran (45), collectively representing nearly half of all identified threat groups.
“The key lies in achieving comprehensive visibility, ensuring real-time contextual awareness of every device, whether managed or unmanaged,” says Costante. “By doing so, large enterprises can transition from a reactive defense posture to a more proactive approach, steering clear of the futile game of security whack-a-mole. This shift towards enhanced visibility and proactive defense strategies signals a brighter outlook for critical infrastructure.”