Disclosed ICS Vulnerabilities Surged During Second Half of 2020

A substantial rise in industrial control system (ICS) vulnerabilities were detected in the second half of 2020, according to Claroty’s second Biannual ICS Risk & Vulnerability Report.

The research revealed that there had been a 25% year-on-year rise in ICS vulnerabilities disclosed in this period, and a 33% increase compared to H1 of 2020. Throughout the six-months, a total of 449 vulnerabilities affecting ICS products from 59 vendors were highlighted, 70% of which were assigned high or critical Common Vulnerability Scoring System (CVSS) scores. Around three-quarters (76%) do not require authentication for exploitation.

A major factor for this increase has been the shift to digital across all industries, creating an expanded potential attack surface. Worryingly, more than two-thirds of disclosed vulnerabilities were remotely exploitable through network attack vectors.

The sectors that experienced the biggest rises in ICS vulnerabilities compared to the second half of 2019 were critical manufacturing (15%), energy (8%), water and wastewater (54%) and commercial facilities (14%).

An encouraging finding from the report was that third party researchers were responsible for 61% of discoveries, which indicates a growing focus on including ICS alongside IT security research. This increased focus on identifying ICS vulnerabilities partly explains the surge in detections disclosed.

Amir Preminger, vice-president of research at Claroty, commented: “The accelerated convergence of IT and OT networks due to digital transformation enhances the efficiency of ICS processes, but also increases the attack surface available to adversaries.

“Nation state actors are clearly looking at many aspects of the network perimeter to exploit, and cyber-criminals are also focusing specifically on ICS processes, which emphasizes the need for security technologies such as network-based detection and secure remote access in industrial environments. It is heartening to see a growing interest in ICS within the security research community, as we must shine a brighter light on these vulnerabilities in order to keep threats at arm’s length.”

What’s Hot on Infosecurity Magazine?