ICS vulnerabilities spiked 41% in 1H21


By Dylan Bushell-Embling
Monday, 23 August, 2021

The number of reported vulnerabilities in industrial control systems (ICS) surged 41% during the first half of 2021 compared to the prior six months, research from industrial IoT security company Claroty indicates.

The company’s biannual ICT Risk & Vulnerability Report found that 637 ICS vulnerabilities were disclosed in 1H21. Of these, 71% were classified as high or critical vulnerabilities.

More than four in five (81%) reported vulnerabilities were discovered by sources other than the ICS system vendor, including third-party companies, independent researchers, academics and other researchers.

Concerningly, 90% of the vulnerabilities were also classified as having a low attack complexity, meaning they do not require special conditions and an attacker can expect repeatable success every time.

Three-quarters of the vulnerabilities do not require privileges for the attacker to use and 66% do not require user interaction. In addition, 61% are remotely exploitable, 65% may cause total loss of availability and 26% have no or only a partial fix available.

Claroty VP of Research Amir Preminger said the results show that vulnerabilities in ICS and operational technology are both a growing threat and an increasing focus for security researchers.

“As more enterprises are modernising their industrial processes by connecting them to the cloud, they are also giving threat actors more ways to compromise industrial operations through ransomware and extortion attacks,” he said.

“The recent cyber attacks on Colonial Pipeline, JBS Foods and the Oldsmar, Florida water treatment facility have not only shown the fragility of critical infrastructure and manufacturing environments that are exposed to the internet, but have also inspired more security researchers to focus their efforts on ICS specifically.”
