Asset visibility and security agency Armis has launched a new report pinpointing the riskiest products that threaten critical infrastructure industries.
In particular, the investigation targeted on production, utilities and transportation corporations. It concluded that the operational technology (OT) and industrial command methods (ICS) products that current the maximum risk to these industries are engineering workstations, SCADA servers, automation servers, historians and programmable logic controllers (PLCs).
Read a lot more on threats to these programs: Pretty much 50 percent of Industrial Sector Desktops Influenced By Malware in 2022
Among these equipment, engineering workstations acquired the highest variety of attempted attacks in the industry over the earlier two months, adopted by SCADA servers.
The news statistics expose that 56% of engineering workstations have at the very least 1 unpatched critical vulnerability, and 16% are prone to weaponized vulnerabilities revealed for about 18 months.
“In an ICS environment, it is really popular to have susceptible equipment, so professionals will need to see what belongings are on their network and extra intelligence on what all those devices are truly doing,” explained Armis CTO and co-founder, Nadir Izrael.
“Contextual information will empower groups to determine what risk every single product poses to the OT natural environment so that they can prioritize remediation of critical and/or weaponized vulnerabilities to rapidly minimize the attack area.”
The research also highlights the vulnerabilities of devices such as uninterruptible energy materials (UPS).
For instance, 60% of UPS devices have at minimum one particular unpatched critical vulnerability, possibly enabling criminals to result in actual physical damage. Moreover, 41% of PLCs have at the very least a single unpatched critical vulnerability, posing a danger to significant operations.
The examine also points out that numerous other units, such as barcode readers, industrial-managed switches, IP cameras and printers, are at risk because of to weaponized vulnerabilities posted right before January 2022.
According to Izrael, collaboration involving OT and IT groups is critical in addressing these vulnerabilities.
“Cross-departmental assignments will enable streamline procedure and useful resource administration and attain better compliance and info security,” the govt additional.
“Overall, to navigate the worries of the new industrial era, security experts have to have an IT/OT convergence security resolution that shields all property linked to the network.”
Armis will be exhibiting at Infosecurity Europe next 7 days.
Some parts of this article are sourced from:
www.infosecurity-journal.com