Fraud Management & Cybercrime , Governance & Risk Management , Operational Technology (OT)

Securing IoT and OT Devices Amid Ransomware Threats

Daniel dos Santos of Forescout Technologies on How to Stay Ahead of the Curve
Daniel dos Santos, head of security research, Forescout Technologies

IoT and OT devices, which include network-attached storage devices, hold valuable data that ransomware groups seek to compromise. NAS devices are often exposed on the internet and lack the robust security measures found in other endpoints.

See Also: Endpoint Security Challenges in Manufacturing and Strategies to Alleviate Associated Risks

Engineering workstations provide a bridge between IT and OT networks, making them appealing entry points for attackers seeking to affect operational technology, said Daniel dos Santos, head of security research at Forescout Technologies. Implementing endpoint detection and response on IoT and OT devices is challenging due to a lack of agent support and specific security features, he said.

Dos Santos also discussed using generative AI from offensive and defensive perspectives. "We keep an eye out on the threat landscape - what attackers are doing, what kinds of devices they're leveraging - and try to keep track of how that threat landscape evolves," he said. "Understanding all these new types of devices that are always emerging - whether that is in the medical field/healthcare, industrial control systems, or just consumer IoT, enterprise, IoT, and so on - the new extended attack surface is something that we're looking at."

In this video interview with Information Security Media Group at Black Hat USA 2023, Dos Santos also discussed:

  • Monitoring network behavior and communication protocols for detecting anomalies and potential attacks;
  • The use of generative AI in enhancing the speed and volume of attacks on medical devices;
  • Data tampering and its impact on threat detection.

Dos Santos leads a team of researchers at Forescout Technologies that identifies new vulnerabilities and monitors active threats. He has published over 30 journal and conference papers on cybersecurity and has spoken at conferences such as Black Hat, Hack In The Box and x33fcon.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.