ICS vulnerabilities on the rise as attacks increase
Industrial control system (ICS) vulnerability disclosures are increasing as recent high-profile cyberattacks on critical infrastructure and industrial enterprises have made ICS security a mainstream issue.
The latest biannual ICS Risk & Vulnerability Report released today by Claroty shows a 41 percent increase in ICS vulnerabilities disclosed in the first half of 2021 compared to the previous six months, which is particularly significant given that in all of 2020 they increased by 25 percent from 2019 and 33 percent from 2018.
"As more enterprises are modernizing their industrial processes by connecting them to the cloud, they are also giving threat actors more ways to compromise industrial operations through ransomware and extortion attacks," says Amir Preminger, vice president of research at Claroty. "The recent cyber attacks on Colonial Pipeline, JBS Foods, and the Oldmsar, Florida water treatment facility have not only shown the fragility of critical infrastructure and manufacturing environments that are exposed to the internet, but have also inspired more security researchers to focus their efforts on ICS specifically. This is exactly why we are committed to helping the industry at large gain a deep understanding of the risks facing industrial networks and how to mitigate them with this report."
The report also shows 71 percent of the vulnerabilities are classified as high or critical, reflecting their potential impact and risk to operations. 90 percent have low attack complexity, meaning they don't require special conditions and an attacker can expect repeatable success every time.
Also 74 percent don't require privileges, meaning the attacker is unauthorized and doesn’t need any access to settings or files, 66 percent don't even require user interaction, such as opening an email, clicking on links or attachments, or sharing sensitive personal or financial information.
The importance of securing remote connections and Internet of Things (IoT) and Industrial IoT (IIoT) devices is highlighted too, with 61 percent of vulnerabilities being remotely exploitable.
In addition 65 percent may cause total loss of availability, resulting in denial of access to resources, and 26 percent have either no available fix or only a partial remediation, representing a key challenge to securing OT environments compared to IT environments.
The full report is available from the Claroty site.