Throughout the second half (2H) of 2020, 71 percent of industrial control system (ICS) vulnerabilities disclosed were remotely exploitable through network attack vectors, according to the second Biannual ICS Risk & Vulnerability Report released by industrial cybersecurity company. Claroty.
The report also revealed a 25 percent increase in ICS vulnerabilities disclosed compared to 2019, as well as a 33 percent increase from 1H 2020.
The report comprises The Claroty Research Team’s discoveries alongside trusted open sources, including the National Vulnerability Database (NVD), the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), [email protected], MITRE, and industrial automation vendors Schneider Electric and Siemens.
During 2H 2020, 449 vulnerabilities affecting ICS products from 59 vendors were disclosed. Of those, 70 percent were assigned high or critical Common Vulnerability Scoring System (CVSS) scores, and 76 percent do not require authentication for exploitation.
“The accelerated convergence of IT and OT networks due to digital transformation enhances the efficiency of ICS processes, but also increases the attack surface available to adversaries,” said Amir Preminger, VP of research at Claroty.
“Nation-state actors are clearly looking at many aspects of the network perimeter to exploit, and cybercriminals are also focusing specifically on ICS processes, which emphasises the need for security technologies such as network-based detection and secure remote access in industrial environments,” added Preminger.
“It is heartening to see a growing interest in ICS within the security research community, as we must shine a brighter light on these vulnerabilities in order to keep threats at arm’s length.”
Vulnerabilities on the rise in critical manufacturing, energy, and water & wastewater sectors
The critical manufacturing, energy, water and wastewater, and commercial facilities sectors—all designated as critical infrastructure sectors—were by far the most impacted by vulnerabilities disclosed during 2H 2020 and shows increases from the previous two years across the board:
- Critical manufacturing increased 15 percent from 2H 2019 and 66 percent from 2H 2018
- Energy increased eight percent from 2H 2019 and 74 percent from 2H 2018
- Water and wastewater increased 54 percent from 2H 2019 and 63 percent from 2H 2018
- Commercial facilities increased 14 percent from 2H 2019 and 140 percent from 2H 2018
Assessment Of ICS Vulnerabilities Sees Growth In Third-Party Researchers
The number of ICS vulnerabilities disclosed in 2020 increased by more than 30 percent compared to 2018 and nearly 25 percent compared to 2019.
Two factors contribute to this spike in recent years: a heightened awareness of the risks posed by ICS vulnerabilities, and researchers and vendors increasingly focused on identifying and remediating security flaws as effectively and efficiently as possible. This growth indicates security research focused on ICS products maturing.
Third-party researchers were responsible for 61 percent of discoveries, many of which were cybersecurity companies. This signals a change in focus to include ICS alongside IT security research, further evidence of the accelerated convergence between IT and OT. Among all third-party discoveries, 22 reported their first disclosures, a positive sign of growth in the ICS vulnerability research market.
The Claroty Research Team discovered and disclosed 41 vulnerabilities during the 2H 2020, affecting 14 vendors.
These represent the direction and core objectives of the team’s research focus. Overall, Claroty researchers have found and disclosed more than 70 ICS vulnerabilities to date.
Check these articles out:
CLICK HERE FOR LATEST NEWS.
READ CURRENT AND PAST ISSUES OF IAA.
KEEP YOURSELF UPDATED, SUBSCRIBE TO IAA NOW!