One Article Review

The article:
Source AlienVault Blog
Identifier 1894714
Publication date 2020-09-02 11:00:00 (seen: 2020-09-02 15:06:07)
Title How Covid-19 has increased vulnerabilities in Industrial Control Systems
Text This blog was written by an independent guest blogger.

By now, most are aware that the Covid-19 pandemic has led to a spike in cyberattacks. This sharp increase in malicious activity related to COVID has taken the typical form of adversaries seeking to benefit financially, gain unauthorized access to networks for immediate and long-term strategic benefit, and spread misinformation with political agendas. Much of this is a direct result of the work from home (WFH) phenomenon. With organizations and businesses rapidly deploying systems and networks to support remote staff, criminals can’t help themselves. Increased security vulnerabilities have offered the opportunity to steal data, generate profits, and generally cause havoc.

In one four-month period (January to April) some 907,000 spam messages, 737 incidents related to malware, and 48,000 malicious URLs – all related to COVID-19 – were detected by one of INTERPOL’s private sector partners.

There are a number of other threats, though, that have also been caused by the pandemic but that are less visible. One of these is the increased vulnerability of industrial control systems.

The threat

The most up-to-date data on the vulnerability of industrial control systems, and how this has been affected by the pandemic, comes courtesy of the ICS Risk & Vulnerability Report, released this week by Claroty. This research contains an assessment of 365 ICS vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) during the first half of 2020, affecting 53 vendors.

The findings are striking, and particularly so given how many systems engineers now work from home. Fully 70% of the vulnerabilities published by the NVD can be exploited remotely, while the most common potential impact is remote code execution, which is possible with 49% of the vulnerabilities. When combined with the fact that recent research has found that 83% of firms are simultaneously struggling to ensure the security of remote working systems, this is highly concerning. In practice, this means that if an organization’s remote working systems are insecure – which seems likely, given the difficulties that many have reported in recent months – then hackers may be granted an increased capability to remotely execute malicious code on industrial systems.

The Impact

The increased likelihood of this kind of attack should concern all organizations working with industrial control systems, but especially those companies employing centralized systems such as DCS, SCADA, or PLS. In recent years, these solutions have been used for networking previously discrete industrial systems together. While this has allowed organizations to dramatically increase their efficiency and productivity, it potentially leaves these systems open to laterally-deployed cyberattacks. This risk is compounded by a similarly worrying trend in international cyber warfare. Tho
Sent Yes
Tags Spam Hack Vulnerability Guideline


The article does not appear to have been picked up after its publication.


The article does not appear to be a repost of an earlier one.