New Analysis of Real-World Network Traffic Reveals Alarming Prevalence of IoT and Industrial Control System Vulnerabilities

10/22/2019 | 09:13am EST

“2020 Global IoT/ICS Risk Report” illustrates why organizations are susceptible to costly downtime, catastrophic safety incidents and theft of sensitive intellectual property

CyberX, the IoT and industrial control system (ICS) security company, today announced the availability of its “2020 Global IoT/ICS Risk Report.”

The data illustrates that IoT/ICS networks and unmanaged devices are soft targets for adversaries, increasing the risk of costly downtime, catastrophic safety and environmental incidents, and theft of sensitive intellectual property.

Some of the top findings noted that these networks have outdated operating systems (71 percent of sites), use unencrypted passwords (64 percent) and lack automatic antivirus updates (66 percent).

Energy utilities and oil and gas firms, which are generally subject to stricter regulations, fared better than other sectors such as manufacturing, chemicals, pharmaceuticals, mining, transportation and building management systems (CCTV, HVAC, etc.).

Now in its third year, CyberX’s “Global IoT/ICS Risk Report” is based on analyzing real-world traffic from more than 1,800 production IoT/ICS networks across a range of sectors worldwide, making it a more accurate snapshot of the current state of IoT/ICS security than survey-based studies.

Including the data presented in previous reports, CyberX has now analyzed over 3,000 IoT/ICS networks worldwide using its patented M2M-aware behavioral analytics and non-invasive agentless monitoring technology.

Recommendations Focus on Prioritization and Compensating Controls
The report concludes with a practical seven-step process for mitigating IoT/ICS cyber risk based on recommendations developed by NIST and Idaho National Labs (INL), a global authority on critical infrastructure and ICS security.

Experts agree that organizations can’t fully prevent determined attackers from compromising their networks. As a result, they recommend prioritizing vulnerability remediation for “crown jewel” assets — critical assets whose compromise would cause a major revenue or safety impact — while implementing compensating controls such as continuous monitoring and behavioral anomaly detection (BAD) to quickly spot intruders before they can cause real damage to operations.

“Our goal is to bring board-level awareness of the risk posed by easily-exploited vulnerabilities in IoT/ICS networks and unmanaged devices — along with practical recommendations about how to reduce it,” said Omer Schneider, CyberX CEO and co-founder.

“Today’s adversaries — ranging from nation-states to cybercriminals and hacktivists — are highly motivated and capable of compromising our most critical operational systems,” said Nir Giller, CyberX GM, CTO and co-founder. “It’s now incumbent on boards and management teams to recognize the risk and ensure appropriate security and governance processes are in place across all their facilities to address it.”

Summary of Key Findings

  • Broken Windows: Outdated Operating Systems. 62 percent of sites have unsupported Microsoft Windows boxes such as Windows XP and Windows 2000 that no longer receive regular security patches from Microsoft, making them especially vulnerable to ransomware and destructive malware. The figure rises to 71 percent with Windows 7 included, which reaches end-of-support status in January 2020.
  • Hiding in Plain Sight: Unencrypted Passwords. 64 percent of sites have unencrypted passwords traversing their networks, making it easy for adversaries to compromise additional systems simply by sniffing the network traffic.
  • Excessive Access: Remotely Accessible Devices. 54 percent of sites have devices that can be remotely accessed using standard management protocols such as RDP, SSH and VNC, enabling attackers to pivot undetected from initial footholds to other critical assets.

    For example, during the TRITON attack on the safety systems in a petrochemical facility, the adversary leveraged RDP to pivot from the IT network to the OT network in order to deploy its targeted zero-day malware.
  • Clear and Present Danger: Indicators of Threats. 22 percent of sites exhibited indicators of threats, including suspicious activity such as scan traffic, malicious DNS queries, abnormal HTTP headers, excessive number of connections between devices and malware such as LockerGoga and EternalBlue.
  • Not Minding the Gap: Direct Internet Connections. 27 percent of sites analyzed have a direct connection to the internet. Security professionals and bad actors alike know that it takes only one internet-connected device to provide a gateway into IoT/ICS networks for malware and targeted attacks, enabling the subsequent compromise of many more systems across the enterprise.
  • Stale Signatures: No Automatic Antivirus Updates. 66 percent of sites are not automatically updating Windows systems with the latest antivirus definitions. Antivirus is the very first layer of defense against known malware — and the lack of antivirus is one reason why CyberX routinely finds older malware such as WannaCry and Conficker in IoT/ICS networks.

CyberX will be presenting the results from the “Global IoT/ICS Risk Report” at the ICS Cyber Security Conference in Atlanta (October 21-24).

To access all the findings and expert recommendations, please download the full report here.

About CyberX
CyberX delivers the only cybersecurity platform built by blue-team experts with a track record of defending critical national infrastructure. That difference is the foundation for the most widely deployed platform for continuously reducing IoT/ICS risk and preventing costly production outages, safety and environmental incidents, and theft of sensitive intellectual property.

Notable CyberX customers include 2 of the top 5 US energy providers; a top 5 global pharmaceutical company; a top 5 US chemical company; multiple government agencies including the US Department of Energy; as well as national electric and gas utilities across Europe and Asia-Pacific. Integration partners and MSSPs include industry leaders such as IBM Security, RSA, Splunk, ServiceNow, Toshiba, HPE/Aruba, Optiv Security, McAfee, DXC Technology, Singtel/Trustwave, and Deutsche-Telekom/T-Systems. For more information visit CyberX.io or follow @CyberX_Labs.


© Business Wire 2019