One Article Review
| Source |  Kovrr |
|---|---|
| Identifiant | 8393613 |
| Date de publication | 2020-03-22 00:00:00 (vue: 2023-10-10 07:25:35) |
| Titre | Comment l'IoT industriel pourrait déclencher le prochain cyber-catastrophieffect d'urgence / 11 sur l'industrie manufacturière américaine révèle 7 milliards de dollars pour les eaux autres How Industrial IoT could Trigger the Next Cyber CatastropheEffect of URGENT/11 on the US Manufacturing Industry Reveals $7 Billion ExposureRead More |
| Texte | IntroductionOn 29th July 2019, the cyber security firm Armis announced that it had found eleven different vulnerabilities in the operating system âVXworksâ which they believe exposed around 200 million critical devices. The team at Armis dubbed this group of vulnerabilities: URGENT/11. This report explores how the discovery of URGENT/11 demonstrates the susceptibility of global manufacturing businesses to large losses from a cyber-attack event and the potential impact on commercial P&C (re)insurers.âThe Operating System at the Heart of the IssueVxWorks is a widely used, but lesser known, lightweight IoT real-time operating system (RTOS). This operating system is embedded in over 2 billion devices in the US and worldwide. These range from large-scale industrial machinery controlling installations such as nuclear power stations and oil production platforms, to smaller systems throughout the worldâs automotive, aviation, agri-business, textile, logistics and pharmaceutical facilities. A malicious attack could affect what is known as the SupervisoryControl and Data Acquisition (SCADA), the system that allows industrial organizations to gather and monitor real-time data in their manufacturing and distribution systems. Critically, VxWorks is also part of what are known as Industrial Control Systems (ICS) â software that manages the industrial processes themselves.âNot a Quick FixAs with any type of software vulnerability, affected organizations need to patch vulnerabilities quickly. However, in the case of URGENT/11, the necessary patches can be very expensive to apply immediately, because the affected devices are critical to day-to-day operations. Patching a vulnerability requires stopping or interrupting the device, which could lead to significant business disruption. Furthermore, while very large organizations have the financial and technical resources to implement system patches quickly, smaller manufacturers â who may nevertheless be critical to the supply chain â often do not. They may buy equipment that happens to contain VxWorks, but do not expect to have to maintain the software or even be aware of its existence.âQuantifying URGENT/11âs Potential Loss Scenarios for the US Manufacturing IndustryTo understand the extent of companies that were vulnerable to URGENT/11, their susceptibility to being attacked, and the effect an attack might have industry wide, Kovrr deployed its proprietary technologies. The first step was to gather real-time information about the distribution of VxWorks in the US manufacturing sector. To achieve this, Kovrr leveraged its ability to continuously collect relevant business intelligence, cyber threat intelligence, external and internal security data. As a result, we were able to identify companies with devices that were utilizing the VxWorks operating system. For internal mapping, access to multiple security vendors\' data is essential because each vendor has its own expertise and distribution, in terms of geolocation, served industries, defense level focus, mapped devices, etc. In the case below involving an industrial sector, unique data focused on IoT devices is needed. Kovrr partners with a diverse range of data providers to detect and map beyond the firewall devices and security control mechanisms. By having access to Armis\' proprietary IoT fingerprinting technology, we were able to produce a highly granular map of any IoT device being used by one organization.We can then accurately assess any IoT related emerging vulnerability on clients\' portfolios. In order to understand the nature of these businesses, including their sector, size and place in the supply chain; we use publicly available information linked to a variety of proprietary data-sources including our own. This technique is similar in principle to the exposure-data cleansing and augmentation used by catastrophe modelers. Having developed a sophisticated view of the affected businesses, we have selected a series of events fro |
| Envoyé | Oui |
| Condensat | 000 000in 000once 000the 200 2019 250 295 29th 500 700 800 ability able about access accordingly account accurate accurately achieve acquired acquisition activated affect affected affirmative agri all allows also amir amitai analysis announced any apply are armis around assess asset assume attack attacked augmentation automotive available average aviation avoid aware awareness based because before being believe below between beyond billion boltman both business businesses but buy calculate calculated calculating campaign can capability car cars case catastrophe catastropheeffect caused causes causing chain chain; changing cleansing clear clients clouston collect combustion commercial common companies company complete composed concrete conditions conditionsâinsured conduct contain continuously contributed control controllers controlling cost could cover coverage covered covers critical critically cyber damage data david day defense delta demand demonstrates denial deployed derived detect determine determined deterministic developed device devices different discovery disruption distribution diverse does dubbed due each economic effect either eleven embedded emerging entire environmental equals equipment equipped escalating essential estimating etc even event events example exclusion exist existence expect expensive expertise exploiting explores exposed exposure exposureread exposureseconomic extent external facilities fact failure financial fingerprinting firewall firm first fixas focus focused found from full function furthermore gather generate geolocation global golan granular gross ground group hacktivist had halts happens has have having heart highly hold how however ics identified identify immediately impact impacting implement including industrial industries industry industry$7 industryto information initiate installations insurance insurances insured insurers intelligence internal internet interrupting interruption introduced introductionon involving iot issuevxworks its joseph july known kovrr kovrrâs landscape large largest lead leading lesser level leveraged lightweight limits linked logistics loss loss$7 losses lossglobal lossâgross lower machinery maintain malicious managers manages manufacturer manufacturers manufacturers$13 manufacturers$18 manufacturing map mapped mapping may mechanisms midsize might million modelers monitor more multiple multiplying must naomi nature necessary need needed network nevertheless new newly next not nuclear number often oil one one: operating operations order organization organizations out output outside over overly own p&c part partial partners patch patches patching periods pharmaceutical pinpointed place platforms point policies portfolios portfolioâs potential power predict price principle process processes produce production profit proprietary providers publicly quantify quick quickly ran range ransomware rapidly ratio reaching react real related relevant report represents requires resources result results reveals risk risks rtos run sabotage scada scale scenario scenarios second sector sectora security selected sensors series served service set shutdown significant silent similar single size sizes small smaller software sophisticated sources specific starts stations statistical step stochastic stopping subset such suffer sufficient supervisorycontrol supply susceptibility system systemic systems take team technical technique technologies technology terms textile than themselves then theoretical these threat throughout time timely tom took total treaties trigger triggered two: type understand unintentionally unique until urgent/11 urgent/11âs usa use used using utilizing value variance variety vendor vendors very view vulnerabilities vulnerabilities: vulnerability vulnerable vxworks waiting weisz what which who wide widely widespread will wolf world worldwide worldâs yakir âconclusionthe âexample âgross âlarge ânot âquantifying âthe ââkovrrâs â âvxworksâ |
| Tags | Ransomware Vulnerability Threat Industrial Prediction |
| Stories | |
| Notes | ★★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.