According to a report published by the industrial cybersecurity firm Claroty that focuses on the second half of 2020, the number of flaws discovered in industrial control system (ICS) products in 2020 (893 flaws) was 24.72% higher than in 2019.
Experts reported that 449 vulnerabilities affecting ICS products from 59 vendors were disclosed during 2H 2020. More than 70% of the issues were rated high or critical under the Common Vulnerability Scoring System (CVSS), down from more than 75% in 1H 2020.
“The number of ICS vulnerabilities disclosed in 2020 increased by 32.89% compared to 2018 and 24.72% compared to 2019. The primary factors for the increase are likely heightened awareness of the risks posed by ICS vulnerabilities and increased focus from researchers and vendors on identifying and remediating such vulnerabilities as effectively and efficiently as possible.” reads the report published by Claroty.
The data doesn’t surprise Claroty, because researchers and vendors have put significant effort into searching for vulnerabilities in industrial products. Most of the vulnerabilities discovered in ICS systems (71.49%) are exploitable through a network attack vector (i.e. remotely exploitable), and 89.98% of them don’t require special conditions to exploit.
60.8% of vulnerabilities were reported by third-party experts.
“Among all third-party companies, there were 22 that reported their first disclosures, further evidence of growth in the ICS vulnerability research market.” continues the report.
The analysis of the impact of ICS flaws by infrastructure sector revealed that in the second half of 2020 critical manufacturing (194 vulnerabilities), energy (186), water and wastewater (111), and commercial facilities (108) were the most impacted industries.
The majority of the products with disclosed and patched flaws in 2H 2020 belong to Schneider, Mitsubishi, and Siemens.
“Compounding the risk is the fact that attacks against ICS devices and OT networks tend to be targeted. While ICS and SCADA vulnerability research is maturing, there are still many decades-old security issues yet uncovered.” concludes the report. “For the time being, attackers may have an edge in exploiting them, because defenders are often hamstrung by uptime requirements and an increasing need for detection capabilities against exploitable flaws that could lead to process interruption or manipulation.”
I suggest reading the report carefully, because it provides a clear picture of the security of ICS systems.