Unyielding cyber threats plague our global critical infrastructure

January 29, 2024

TLDR: Global critical infrastructure, including medical, power, communications, waste, manufacturing, and transportation equipment, has been under near-constant cyber attacks in the past year, according to Forescout. The attacks have shifted from software library exploits to network infrastructure and IoT devices, with IP cameras, building automation systems, and network-attached storage being the most targeted. Operational Technology (OT) is also under relentless assault, with protocols used in industrial automation and power sectors being heavily targeted. Malware families like Agent Tesla Remote Access Trojan (RAT), Mirai botnet variants, and the Redline info stealer pose significant threats. Command-and-control servers, particularly Cobalt Strike, Metasploit, and Sliver C2, are primarily located in the United States, China, and Russia. Threat actors have targeted 163 countries, with the United States being the most heavily targeted, followed by the United Kingdom, Germany, India, and Japan. China, Russia, and Iran are responsible for nearly half of all identified threat groups. Key sectors like government, financial services, and media and entertainment are the primary targets of these malicious entities. To defend against these attacks, there is a need for comprehensive visibility, real-time awareness of every device, and a proactive defense strategy.
