Operational technology and industrial control systems saw a 110 percent increase in the number of vulnerabilities disclosed in the second half of last year.
The latest Biannual ICS Risk & Vulnerability Report from Claroty shows that remotely exploitable vulnerabilities are still causing problems, demonstrating the importance of securing remote connections.
The report, by Claroty’s Team82 research unit, identifies what it calls the Extended Internet of Things (XioT), which takes in not only operational technology, but also connected medical devices and other IoT systems within the enterprise. It shows that 34 percent of vulnerabilities disclosed in the second half of 2021 were found in software and firmware running within systems not designated as purely OT.
Software fixes are easier to implement than those involving firmware, with 74 percent of fully remediated vulnerabilities being software-based.
What’s also concerning is that 87 percent of all ICS vulnerabilities reported in the period covered by the report are ‘low complexity’, meaning an attacker doesn’t need any special conditions to be met and can expect repeatable success each time. In addition 63 percent of vulnerabilities disclosed in the same timeframe could be executed remotely, and 53 percent gave attackers the ability to remotely execute code. What’s more 70 percent can be executed with no special privileges.
Writing on the Claroty blog, security researcher Chen Fradkin says, “We urge you to download the report, share it with your technical colleagues and internal decision-makers. This is the best snapshot you’ll find of the current XIoT vulnerability landscape, and an essential tool to help prioritize vulnerability remediation efforts, and risk mitigation within your company.”
You can read more and get the full report on the Claroty blog.
Image credit: Scharfsinn/depositphotos.com