The report highlights a significant increase in attack attempts on critical infrastructure industries, employing methods such as Denial-of-Service (DoS), network scanning, adversary-in-the-middle attacks, brute force attacks, and remote system discovery. These tactics leverage credential access, system discovery, and data collection techniques to infiltrate essential systems.
A key finding is the widespread vulnerability of wireless networks, with an analysis of over 500,000 networks revealing that only 6% are adequately protected against wireless deauthentication attacks. This leaves mission-critical environments—such as healthcare, manufacturing, and industrial automation—exposed to unauthorized access, data breaches, and operational disruptions.
During the second half of 2024, nearly half of all cyber threat alerts were detected in the Impact phase of the cyber kill chain, with sectors like Manufacturing, Transportation, Energy, Utilities, and Water/Wastewater being among the most affected. A significant portion of these alerts involved Command and Control (C&C) techniques, signaling a rise in persistent cyber threats.
The report also identified 619 newly published vulnerabilities, with 71% classified as critical. Among these, 20 vulnerabilities have high Exploit Prediction Scoring System (EPSS) scores, indicating a strong likelihood of future exploitation. Additionally, four vulnerabilities are already being actively exploited in real-world attacks.
The findings emphasize the urgent need for organizations to strengthen their security posture, focusing on patching critical vulnerabilities and enhancing defenses against evolving cyber threats. Critical manufacturing was the most impacted sector, accounting for 75% of reported vulnerabilities, followed closely by the Energy, Communications, Transportation, and Commercial Facilities sectors.
As cyberattacks on critical infrastructure escalate, security experts stress the importance of proactive risk management, real-time threat intelligence, and resilience strategies to safeguard essential systems and national security.
Source: SecurityBrief
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.