infographic
said Amir Preminger, VP of Research
at Claroty. “We recognised the critical
need to understand, evaluate and
report on the comprehensive ICS risk
and vulnerability landscape to benefit
the entire OT security community. Our
findings show how important it is for
organisations to protect remote access
connections and Internet-facing ICS
devices and to protect against phishing,
spam and ransomware in order to
minimise and mitigate the potential
impacts of these threats.”
According to the report, more than
70% of the vulnerabilities published
by the NVD can be exploited remotely,
reinforcing the fact that fully air-gapped
ICS networks that are isolated from
cyberthreats have become vastly
uncommon. Additionally, the most
common potential impact was remote
code execution (RCE), possible with
49% of vulnerabilities – reflecting its
prominence as the leading area of
focus within the OT security research
community – followed by the ability
to read application data (41%), cause
Denial of Service (DoS) (39%) and
bypass protection mechanisms (37%).
The prominence of remote exploitation
has been exacerbated by the rapid
global shift to a remote workforce and
the increased reliance on remote access
to ICS networks in response to the
COVID-19 pandemic.
The energy, critical manufacturing
and water & wastewater infrastructure
sectors were by far the most impacted
by vulnerabilities published in ICS-
CERT advisories during 1H 2020. Of
the 385 unique Common Vulnerabilities
and Exposures (CVEs) included in the
advisories, energy had 236, critical
manufacturing had 197 and water &
wastewater had 171. Compared to 1H
2019, water & wastewater experienced
the largest increase of CVEs (122.1%),
while critical manufacturing increased by
87.3% and energy by 58.9%. u
Our findings show
how important it is
for organisations
to protect remote
access connections
and Internet-facing
ICS devices.
www.intelligentciso.com | Issue 29
23