A significant rise in the number of ICS vulnerabilities was found in the first half of 2020, as per a new report.
New research from OT security firm Claroty has revealed that there has been a significant rise in the number of industrial control system (ICS) vulnerabilities in the first half of 2020 that can be remotely exploited.
The “ICS Risk & Vulnerability Report” said there were 365 vulnerabilities in ICS systems from 53 vendors. As per the report, 70% of the vulnerabilities could be exploited remotely. The potential for remote attacks on ICS has increased owing to the rapid shift to the work-from-home model.
Amir Preminger, vice president of research at Claroty, said, “There is a heightened awareness of the risks posed by ICS vulnerabilities and a sharpened focus among researchers and vendors to identify and remediate these vulnerabilities as effectively and efficiently as possible.”
The report found that over 75% of vulnerabilities published in the first half of 2020 were assigned high or critical Common Vulnerability Scoring System (CVSS) scores.
Here are a few ways in which security leaders can protect OT systems from known and undiscovered vulnerabilities.
Securing remote connections
It is essential to secure the remote connections that have been increasing due to the shift to remote working. Companies need to ensure the VPNs used by employees are the latest versions. In addition to monitoring remote connections to OT networks and ICS devices, they must ensure that employees are assigned granular permissions and use multi-factor authentication.
Prepare for phishing attacks
A single successful phishing attack on a user with sensitive information can compromise OT and ICS networks. It is necessary to train employees with basic anti-phishing tips like not opening emails from untrusted sources, avoiding clicking links in emails, never giving out passwords via email, and so on.
Safety of ICS devices
Most of the time, it is necessary to connect ICS devices to the internet; however, sensitive devices can be compromised through negligence, such as failing to close a port or configuring a software setting incorrectly.
Other safety measures
ICS operators need to assign permissions granularly to ensure that a user who needs access to a single machine doesn’t have access to multiple ones. Moreover, it is essential to encrypt all remote access connections and make sure appropriate remote access tools are being used.
Security leaders should prioritize segmenting OT networks and conduct continuous threat monitoring. Lastly, it is necessary to stay up to date on the latest threats to ICS systems and OT networks.