Team82, Claroty's research department, identified the 250th ICS vulnerability and took stock: the majority of the vulnerabilities allow execution of unauthorized code and can be exploited remotely.
Just over two years after its inception, Team82, the research division of industrial cybersecurity specialist Claroty, published its 250th critical vulnerability in industrial control systems (ICS).
Critical weak points in industrial control systems
The identified security gaps concern software, firmware and communication protocols of industrial plants as well as facilities of the critical infrastructure and thus have a direct impact on the population worldwide, for example in the area of water supply. A good three quarters of the weak points are classified as critical or serious. Thanks to the close cooperation with Claroty's partners such as Rockwell Automation or Siemens, these could be remedied or recommendations for action to reduce risk were given.
Given that a large part of legacy systems still run reliably in OT networks, troubleshooting easily accessible automation products and network protocols is a necessary and essential first step in improving cybersecurity in industrial companies worldwide. With security research goes hand in hand with the responsibility to educate plant operators about their risk exposure and to illustrate how newly networked ICS devices and OT networks are more vulnerable to attacks than ever before.
Companies are looking for cooperation
The balance after 250 identified weaknesses: A total of 40 manufacturers were affected. Most of the vulnerabilities were found at Siemens (36), Rockwell Automation and Schneider Electric (28 each). However, this does not indicate a lack of secure software or firmware development with these vendors. Rather, these numbers illustrate their willingness to work with researchers to fix vulnerabilities before they are exploited, and to improve overall security measures. In addition, the top 3 are also the most important suppliers in the field of industrial control systems, which is why they arouse particular interest from researchers.
71 percent of the weak points can be exploited remotely. Almost 20 percent are classified as critical, around 57 percent as serious. The most common effects caused by the vulnerabilities are the execution of unauthorized code, denial-of-service attacks, and the modification and reading of application data. During its research, Team82 also discovered some novel attack techniques and concepts on ICS devices and OT networks, especially in the areas of the cloud, remote access and attacks on PLCs.
More at Claroty.com
About Claroty Claroty, the Industrial Cybersecurity Company, helps its global customers discover, protect and manage their OT, IoT and IIoT assets. The company's comprehensive platform can be seamlessly integrated into customers' existing infrastructure and processes and offers a wide range of industrial cybersecurity controls for transparency, threat detection, risk and vulnerability management and secure remote access - with significantly reduced total cost of ownership.