Security experts have issued a warning over surging threats faced by wireless networks, with many left woefully unprotected .
Analysis of more than 500,000 'honeypot' wireless networks by Nozomi Networks Labs found only 6% are adequately protected against wireless deauthentication attacks.
The rest are vulnerable to unauthorized access to data or interference with critical systems, the study noted. For example, in industrial environments attacks could disrupt automated processes, halt production lines, or create safety hazards for workers.
"Cyber attacks on the world’s critical infrastructure are on the rise," said Chris Grove, director of cybersecurity strategy at Nozomi Networks.
"The systems we design and defend must not only withstand a barrage of threats in today’s multipolar world but also balance the need to operate safely at scale, where human lives are at stake."
In the second half of last year, nearly half of observed cyber threat alerts took place during the ‘impact’ phase of the cyber kill chain. This was true across various industries, but particularly in manufacturing, transportation, energy, utilities, and water.
Next were Command and Control (C&C) techniques, which accounted for a quarter of all observed alerts.
Meanwhile, of the 619 new vulnerabilities published in the second half of 2024, 71% are classified as critical. Another 20 have high Exploit Prediction Scoring System (EPSS) scores, indicating a high likelihood of future exploitation.
Indeed, four vulnerabilities have already been observed being actively exploited in the wild.
Of all ICS security advisories released by CISA over the past six months, critical manufacturing topped the list, accounting for three quarters of all Common Vulnerabilities and Exposures (CVEs) reported.
Next were manufacturing, energy, communications, transportation, and commercial facilities.
The energy industry - a lucrative sector for threat actors - is becoming a growing target, with 174 attacks taking place since 2024; more than half were focused on credential access and collection.
Across the board, common threats include deauthentication attacks, rogue access points, eavesdropping, jamming attacks, signal interception and espionage, signal jamming and network access attempts.
How to counter network threats
According to Nozomi Networks, organizations should implement a risk reduction strategy and audit performance regularly, prioritizing anomaly detection and response.
"With nation-state threat actors relying on living-off-the-land tactics and malware inflicting multimillion-dollar losses on victim companies, keeping threat intelligence databases up to date is critical to safeguard against known threats," the researchers warned.
"However, signature-based detection alone may not suffice for emerging or unknown threats. Many reconnaissance activities are more effectively uncovered through anomaly detection rather than purely signature-based approaches."
It's also important to take note of regional and industry-specific threat intelligence and prioritize vulnerabilities with high-risk scores, the study noted.
Scalability and cost efficient performance for AI applications
Organizations should also take asset criticality, compensating controls, device type, safety implications, exposure and other contextual factors into account.
Similarly, defenses against botnet attacks should be improved by strengthening endpoint security and applying network segmentation.
"By understanding these evolving threats and leveraging actionable insights, we can defend our critical infrastructure systems to ensure resilience, safety and operational continuity in an increasingly uncertain world," said Grove.
MORE FROM ITPRO
