Nozomi reveals global cyber threat in latest report

The latest OT/IoT security report from Nozomi Networks Labs finds wiper malware, IoT botnet activity and the Russia/Ukraine war impacted the threat landscape in the first half of 2022.

Since February 2022, Nozomi Networks Labs researchers saw activity from several types of threat actors, including hacktivists, nation-state APTs and cyber criminals. They also observed the robust usage of wiper malware and witnessed the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.

Additionally, in the first half of 2022, malicious IoT botnet activity was on the rise and growing in sophistication. Nozomi Networks Labs set up a series of honeypots to attract these malicious botnets and capture their activity in order to provide additional insights into how threat actors target IoT. In this research, Nozomi Networks Labs analysts uncovered growing security concerns for both hard-coded passwords and internet interfaces for end-user credentials. From January to June 2022, Nozomi Networks honeypots found:

  • March was the most active month with close to 5,000 unique attacker IP addresses collected.
  • The top attacker IP addresses were associated with China and the United States.
  • “Root” and “admin” credentials were most often targeted and used in multiple variations as a way for threat actors to access all system commands and user accounts.

On the vulnerability front, manufacturing and energy continue to be the most vulnerable industries followed by healthcare and commercial facilities. In the first six months of 2022:

  • CISA released 560 Common Vulnerabilities and Exposures (CVEs) – down 14% from the second half of 2021.
  • The number of impacted vendors went up 27%.
  • Affected products were also up 19% from the second half of 2021.

“This year’s cyber threat landscape is complex,” said Roya Gordon, Nozomi Networks OT/IoT Security Research Evangelist. “Many factors including increasing numbers of connected devices, the sophistication of malicious actors and shifts in attack motivations are increasing the risk for a breach or cyber-physical attack. Fortunately, security defences are evolving too. Solutions are available now to give critical infrastructure organisations the network visibility, dynamic threat detection and actionable intelligence they need to minimise risk and maximise resilience.”

Nozomi Networks’ “OT/IoT Security Report” provides security professionals with the latest insights needed to re-evaluate risk models and security initiatives, along with actionable recommendations for securing critical infrastructure. This latest report includes:

  • A review of the current state of cybersecurity
  • Trends in the threat landscape and solutions for addressing them
  • A recap of the Russia/Ukraine crisis, highlighting new related malicious tools and malware
  • Insights into IoT botnets, corresponding IoCs and threat actor TTPs
  • Recommendations and forecasting analysis


Media contact

Rebecca Morpeth Spayne,

Editor, Security Portfolio

Tel: +44 (0) 1622 823 922
