Articles about Industrial Control Systems

New research released today by Claroty looks at the impacts of economic and geopolitical uncertainty on organizations' ability to protect their cyber-physical systems (CPS) environments.

Cyber-physical systems are those that overlap the cyber world -- things like industrial control and medical devices -- and may therefore slip below the radar of traditional cybersecurity approaches. The survey, of 1,100 infosecurity, OT engineering, clinical and biomedical engineering, and facilities management and plant operations professionals, shows concerns that economic policies and geopolitical tensions are adding to risk.

Continue reading →

A new report highlights how growing reliance on digital technologies across Europe, combined with geopolitical tensions and sophisticated threat actors, is creating a perfect storm that could put energy stability at risk and lead to the lights going out.

The study from security awareness training platform KnowBe4 shows the average number of cyberattacks against utilities more than doubled between 2020 and 2022. Specifically across Europe, cyber threats to the energy sector have surged, driven by an epidemic of under-reporting and lack of detection, with recent attacks disrupting operations, compromising sensitive data, and highlighting the urgent need for stronger cybersecurity measures.

Continue reading →

Over the past year, more than 50 percent of organizations have experienced at least one security incident involving ICS/OT systems. Among the top vulnerabilities exploited are internet-accessible devices (33 percent) and transient devices (27 percent), often used to bypass traditional defenses.

A new report from the SANS Institute, in partnership with OPSWAT, shows that while 55 percent of organizations reported increased ICS/OT cybersecurity budgets over the past two years, much of that investment remains heavily skewed toward technology, with limited focus on operational resilience.

Continue reading →

Recent attacks have highlighted the vulnerability of industrial control systems to attack and a new report has found 18,000 exposed devices that are likely used to control industrial systems.

The report, from internet intelligence platform Censys, focuses on ICS devices in the US and UK and also finds that almost 50 percent of the human-machine interfaces associated with water and wastewater systems (WWS) identified could be manipulated without any authentication required.

Continue reading →

A new report from Cyolo and the Ponemon Institute reveals that third-party access to operational technology environments is significantly expanding the attack surface.

According to the study, 73 percent permit third-party access to OT environments, with an average of 77 third parties per organization granted such access.

Continue reading →

Building management systems (BMS) are responsible for controlling and monitoring various building services such as HVAC, energy, elevators, escalators, surveillance and access control.

They're crucial for service delivery across industries, including critical infrastructure such as energy, utilities, and healthcare. But they're also a significant of an organization's cyber risk due to their integration with IT networks and the internet.

Continue reading →

Industrial control system and operational technology environments are becoming increasingly interconnected and complex, offering efficiency and innovation. However, this also exposes organizations to heightened vulnerabilities from relentless cyber threats.

The latest SANS 2023 ICS/OT Cybersecurity Survey, sponsored by critical infrastructure protection specialist OPSWAT, shows the three items of utmost importance for ICS security programs in 2023 have been identified as network visibility, risk assessments, and transient device threat detection.

Continue reading →

New research from SynSaber, along with the ICS Advisory Project, into industrial control operational technology system vulnerabilities finds that 34 percent of the CVEs reported in the first half of 2023 currently have no patch or remediation available from the vendor.

This compares to the 35 percent that had no fixes in the second half of 2022 but is a significant increase from the 13 percent in the first half of last year.

Continue reading →

New research from security behavior change specialist Hoxhunt shows that 66 percent of active participants in security behavior training programs at critical infrastructure organizations detect and report at least one real malicious email attack within a year.

The report -- based on analysis of over 15 million phishing simulations and real email attacks reported in 2022 by 1.6 million people participating in security behavior change programs -- shows the effectiveness of training in making staff more engaged in organizational security.

Continue reading →

Operational technology and industrial control system devices represent an attractive target for cybercriminals attempting to access networks, and for nation state actors looking to disrupt infrastructure.

Asset visibility and security company Armis is releasing new research identifying the riskiest devices that pose threats to critical infrastructure industries: manufacturing, utilities and transportation.

Continue reading →

It used to be the case that all you had to worry about with ransomware was encrypted data, but the latest Cyberthreat Defense Report (CDR) from CyberEdge Group reveals that last year 78 percent of ransomware victims faced the consequences of one, two or three additional threats unless they paid the ransom.

Additional threats include launching distributed denial of service (DDoS) attacks (42 percent), notifying customers or the media of the data breach (42 percent), and publicly releasing exfiltrated data (40 percent).

Continue reading →

New research, from ICS/OT cybersecurity firm SynSaber, has analyzed over 900 CVEs reported in industrial control systems in the second half of 2022 and finds that 35 percent have no patch or remediation available.

Only 56 percent of the CVEs have been reported by the original equipment manufacturer (OEM), while 43 percent have been submitted by security vendors and independent researchers. A firmware update is required to fix 33 percent.

Continue reading →

The classic way of preventing critical systems, such as industrial controls, from attack is to air-gap them. That is to say ensure they don't have a connection to the internet.

But while they may not have a web connection they still often require DNS services in order to resolve a company's internal DNS records. New research from Pentera shows that this can provide a weak point to be exploited by attackers.

Continue reading →

The latest OT/IoT security report from Nozomi Networks shows that wiper malware and IoT botnets dominate threats to industrial control systems.

Researchers have observed the robust usage of wiper malware, and seen the emergence of an Industroyer variant, dubbed Industroyer2, developed to misuse the IEC-104 protocol, which is commonly used in industrial environments.

Continue reading →

With Industrial Control Systems (ICS) expanding into traditional IT space and even into the cloud, the attack surface of ICS environments has increased significantly, making it crucial to recognize your ICS vulnerabilities and implement advanced techniques for monitoring and defending against rapidly evolving cyber threats to critical infrastructure.

Industrial Cybersecurity -- Second Edition covers the updated Industrial Demilitarized Zone (IDMZ) architecture and shows you how to implement, verify, and monitor a holistic security program for your ICS environment.

Continue reading →