According to a new report published by CyberX this week, entitled the ” 2019 Global ICS & IIoT Risk Report,” hackers and malicious state actors are increasingly targeting Industrial Control Systems (ICS) and the Industrial Internet of Things (IIoT) all across the globe. To gather data and asses the risks posed to several of the world’s most vital industrial sectors, including manufacturing, pharmaceutical, Energy/Utilities and Natural Gas, CyberX studied the inner working of 850 Industrial Control Systems on 6 continents, as well as the types of attacks being launches against them throughout 2017 – 2018. In this sense, the data obtained presented researches with a sense of what to come for these industries/sectors in the years(s) to follow, and what these industries need to focus on to secure themselves in the future.
While the data showed that industrial and critical infrastructure organizations have improved their security measures recently, major gaps still exist across several key areas. For example, here are some of the key takeaways highlights by Cyberx‘s Executive Summary of their full research project- the full research report has been obtained by Rogue Security Labs, featured below.
- 40% of industrial sites have at least one direct connection to the internet
- 53% of industrial sites have outdated Windows systems like XP
- 69% have plain-text passwords traversing the network
- 57% of sites are still not running anti-virus protections that update signatures automatically
- 16% of sites have at least one Wireless Access Point
- 84% of sites have at least one remotely accessible device
Of the 4 major industrial hubs, in order of least secured to most secured heading into the future, at the present moment in time the most vulnerable industries are Manufacturing and Pharmaceutical, followed by Energy/Utilities and Natural Gas. CyberX developed a risk score ranking these industries in several areas based on the categories listed above. In their analysis here are the rankings for each industry.
- Manufacturing 67%
- Pharmaceutical & Chemicals 68%
- Energy & Utilities 79%
- Natural Gas 81%
Full Report from CyberX:CyberX Global ICS IIoT Risk Report
Categories: Hacking News