ICS Risks & Vulnerabilities Report 2H 2020

Picture1We are excited to share our partners Biannual ICS Risk & Vulnerability Report for the 2H 2020. This report is an in-depth analysis of publicly disclosed ICS and SCADA system vulnerabilities, driven from a number of prominent sources including ICS-CERT, the National Vulnerability Database (NVD), MITRE, CERT@VDE, and Claroty’s vendor partners Schneider Electric and Siemens.

The report exposes not only the number and severity of industrial cybersecurity vulnerabilities disclosed during the second half of 2020, but also illuminates a number of emerging trends based on the data.

Why we only partner with the best

OT security is subjective matter, disclosed vulnerabilities quickly become public knowledge where all security vendors can identify these risks. This is a good thing, however when choosing a security vendor, is it best to partner with one who only identifies threats through other people’s hard work or choose somebody who actively researches risks and disclosed them in the first place?

This demonstrates the significant work being undertaken by our partners at Claroty within their Research Team, which authored this report and solidifies Claroty as a security research leader among industrial cybersecurity companies.

Sneak Peek

Here’s a sample of some of the data points from the report that paint the best picture of the ICS risk and vulnerability landscape in 2H2020:

  • The Claroty Research Team disclosed 41 vulnerabilities affecting 14 vendors
  • Industry-wide, there were 449 vulnerabilities affecting ICS products from 59 vendors disclosed in the 2H2020
  • 72% of disclosed vulnerabilities are remotely exploitable
  • 47% of vulnerabilities affect Levels 1 and 2 of the Purdue Model
  • 76% of vulnerabilities do not require authentication for exploitation

Key Trends

Digital Transformation and IT/OT Convergence: IT managers are concerned about the expanded attack surface they’re responsible for, and they need to understand their risk posture and how security technologies such as network-based detection and secure remote access are necessary to keep threats at arm’s length.

Maturation of ICS Security Research: Observed more researchers—and black hats—looking for ICS bugs, and concentrating on leading vendors such as Schneider, Mitsubishi, and Siemens. This focus is twofold: More equipment available for analysis, and a definite fixation on market leaders with a wider reach inside organisations.

Adversaries: Two emerging trends: Nation-state actors are clearly looking at many aspects of the network perimeter to exploit (e.g., SolarWinds and the supply chain); and cybercriminals are also focusing ICS (inclusion of ICS processes on the SNAKE ransomware process kill lists).

Our Research and Commitment

At SolutionsPT we only partner with leading vendors who have a proven track record in securing OT systems, we monitor and track emerging trends and deliver solutions that we test and validate before we bring these into our portfolio.

2020 was an interesting year in many ways, this made us refocus on what was actually important, and kick started the remote working revolution, and this trend seems no sign of slowing down either.

You can download the report below, if you would like to see Claroty in action we can arrange an online demonstration or arrange for an onsite proof of value trial.

#solutionspt #otsecurity #otcybersecurity

Download the Report