Wireless networks unprotected as threats to critical infrastructure escalate

The latest Nozomi Networks Labs OT & IoT Security Report finds wireless networks woefully unprotected as threat actors continue to gain deep access into critical infrastructure. In the 2nd half of last year, critical infrastructure organizations in the United States saw the highest number of attacks, with manufacturing at highest risk.

  • Thursday, 27th February 2025 Posted 1 month ago in by Phil Alsop

Wireless Networks a High Security Risk

In the latest report from Nozomi Networks Labs, an analysis of more than 500,000 wireless networks worldwide found only 6% are adequately protected against wireless deauthentication attacks. This means most wireless networks, including those in mission-critical environments, remain highly exposed. In healthcare, for example, vulnerabilities in wireless networks could lead to unauthorized access to patient data, or interference with critical systems. Similarly, in industrial environments, these attacks could disrupt automated processes, halt production lines, or create safety hazards for workers.

Cyber Threat Activity Poses High Risk Across Industries

According to the report, In the 2nd half of last year, nearly half (48.4%) of the observed cyber threat alerts occur in the Impact phase of the cyber kill chain. This was true across various industries, particularly in Manufacturing, Transportation, Energy, Utilities, and Water/Wastewater. Command and Control (C&C) techniques followed closely (25% of all observed alerts). The Labs’ findings demonstrate the presence of adversaries deep within critical infrastructure systems and their intent to persist and maintain control over access.

Vulnerability Insights

Researchers also discovered, among 619 newly published vulnerabilities in the 2nd half of 2024, 71% are classified as critical. Additionally, 20 vulnerabilities have high Exploit Prediction Scoring System (EPSS) scores, indicating a high likelihood of future exploitation. Furthermore, four vulnerabilities have already been observed being actively exploited in the wild (KEV). These findings point to an urgent need for organizations to promptly address and mitigate the most critical and dangerous vulnerabilities.

Additionally, of all ICS security advisories released by CISA over the past six months, critical manufacturing topped the list, accounting for 75% of all Common Vulnerabilities and Exposures (CVEs) reported in the past six months. Manufacturing was followed by Energy, Communications, Transportation and Commercial Facilities.

Security Insights and Recommendations to Protect Critical Infrastructure

“Cyberattacks on the world’s critical infrastructure are on the rise,” said Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks. “The systems we design and defend must not only withstand a barrage of threats in today’s multipolar world but also balance the need to operate safely at scale, where human lives are at stake. By understanding these evolving threats and leveraging actionable insights, we can defend our critical infrastructure systems to ensure resilience, safety and operational continuity in an increasingly uncertain world.”

Failure to prioritise testing and integrate generative AI tools raises concerns as agentic AI adds pressure.

CIOs 'overspend' on cloud

Posted 4 days ago by Phil Alsop
43% of CIOs say their CEOs and/or board of directors have concerns about their company’s cloud spend.
Research revealed at Coterie Connect event highlights shifting team structures, evolving skills priorities, and urgent training needed for partner...
Endava has launched its latest research report “AI and the Digital Shift: Reinventing the Business Landscape”.

3,000% surge in enterprise use of AI/ML tools

Posted 1 week ago by Phil Alsop
Zscaler has released the ThreatLabz 2025 AI Security Report, based on insights from more than 536 billion AI transactions processed between February...
Over one in four (28%) British small business owners have used AI tools to help run their business.

Tech fragmentation cited as biggest cyber challenge

Posted 1 week ago by Phil Alsop
New Palo Alto Networks data shows 82% of UK organisations confident in their use of AI, despite AI being identified as biggest cyber risk for 2025.
MIT researchers crafted a new approach that could allow anyone to run operations on encrypted data without decrypting it first.