Can MSSPs Mitigate Rising ICS, IOT Vulnerability Issues? - Hexafusion Blog | Hexafusion

Hexafusion Blog

Can MSSPs Mitigate Rising ICS, IOT Vulnerability Issues?

Vulnerabilities across industrial control systems (ICS) rose by 25 percent in the second half of 2021 and overall by 110 percent over the last four years, according to a new report.

Claroty’s fourth Biannual ICS Risk & Vulnerability Report also found that ICS vulnerabilities are expanding beyond operational technology (OT) to the Extended Internet of Things (XIoT), with 34 percent affecting IoT, industrial healthcare (IoMT), and enterprise IT assets in 2H 2021, the security provider said.

As industrial control systems are increasingly connected to the internet, hackers can infiltrate the systems with potentially devastating consequences. Managed security service providers focused on ICS security should take note of the skyrocketing number of ICS vulnerabilities to stay abreast of essential patch management.

Eight key findings from the study:

797 vulnerabilities were published in 2H 2021, representing a 25% increase from 637 in 1H 2021. 34% of vulnerabilities disclosed affect IoT, IoMT, and IT assets, showing that organizations will merge OT, IT, and IoT under converged security management. Asset owners and operators must have a thorough snapshot of their environments in order to manage vulnerabilities and reduce their exposure. 50% of the vulnerabilities were disclosed by third-party companies, a majority of which were found by in-house researchers. Vulnerabilities disclosed by internal vendor research grew 76% over the last four years. 87% of vulnerabilities are low complexity in that they don’t require special conditions and an attacker can expect repeatable success every time. 70% don’t require special privileges before successfully exploiting a vulnerability, and 64% of vulnerabilities require no user interaction. 63% of the vulnerabilities disclosed may be exploited remotely through a network attack vector. The leading potential impact is remote code execution (prevalent in 53% of vulnerabilities), followed by denial-of-service conditions (42%), bypassing protection mechanisms (37%), and allowing the adversary to read application data (33%). The top mitigation step is network segmentation (recommended in 21% of vulnerability disclosures), followed by ransomware, phishing and spam protection (15%) and traffic restriction (13%).

“High-profile cyber incidents in 2H 2021 such as the Tardigrade malware, the Log4j vulnerability and the ransomware attack on NEW Cooperative show the fragility of these networks, stressing the need for security research community collaboration to discover and disclose new vulnerabilities,” said Amir Preminger, vice president of research at Claroty.

Meanwhile, the Department of Homeland Security’s cyber wing would have more responsibility to protect industrial controls systems (ICS) from cyber attacks, should a bill that has made it through the House but not yet the Senate be signed into law. The bipartisan DHS Industrial Control Systems Enhancement Act would give the Cybersecurity and Infrastructure Security Agency (CISA) the responsibility to maintain capabilities to identify threats to industrial control systems.

Here’s what the bill calls on CISA to do:

Lead federal government efforts to identify and mitigate cybersecurity threats made to ICS. Maintain threat hunting and incident response capabilities to respond to ICS cybersecurity risks and incidents. Provide cybersecurity technical assistance to industry end users, product manufacturers, other federal agencies, and other ICS stakeholders. Collect, coordinate, and provide vulnerability information to the ICS community. Brief Congress on its ICS capabilities starting six months after the bill is enacted and then every six months for four years.
Original author: D. Howard Kass
The Cloud-Native Opportunity for Zero Trust
10 Signs of a Poor Security Leader

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 20 May 2022

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://hexafusion.com/

Customer Login

News & Updates

Hexafusion is proud to announce the launch of our new website at www.hexafusion.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Hexafusion can do for your business.

Hexafusion
250 - 997 Seymour Street
Vancouver, British Columbia V6B 3M1