Third parties shining light on ICS vulnerabilities


By Dylan Bushell-Embling
Monday, 08 February, 2021

The number of vulnerabilities in industrial control systems (ICS) disclosed during the second half of 2020 grew 25% year on year as security gaps in remote work environments expanded attack surfaces for industrial networks, according to Claroty.

Research from the industrial cybersecurity company found that 449 vulnerabilities affecting ICS products from 59 vendors were disclosed during 2H20.

Of the disclosed vulnerabilities, 70% were classed as high or critical on the Common Vulnerability Scoring System (CVSS) and 76% did not require authentication for exploitation.

The research also found that 71% of ICS vulnerabilities disclosed during the six-month period were remotely exploitable through network attack vectors.

Reported vulnerabilities increased across the critical manufacturing, energy, and water and wastewater sectors, which were by far the sectors most impacted by the vulnerabilities disclosed during the period.

“The accelerated convergence of IT and OT networks due to digital transformation enhances the efficiency of ICS processes, but also increases the attack surface available to adversaries,” Claroty VP of Research Amir Preminger commented.

“Nation-state actors are clearly looking at many aspects of the network perimeter to exploit, and cybercriminals are also focusing specifically on ICS processes, which emphasises the need for security technologies such as network-based detection and secure remote access in industrial environments.”

Third-party researchers, many of which were cybersecurity companies, were responsible for 61% of discoveries during 2H20. Among those third parties, 22 reported their first disclosures.

“It is heartening to see a growing interest in ICS within the security research community, as we must shine a brighter light on these vulnerabilities in order to keep threats at arm’s length,” Preminger said.
