FireEye has revealed that vulnerabilities in industrial control systems (ICS) – the technological backbone of electricity grids, water supplies, and production lines – have risen sharply over the past six years. These vulnerabilities affect the reliable operation of sensors, programmable controllers, software and networking equipment used to automate and monitor the physical processes that keep our modern world running.
Over one third of the nearly 1,600 vulnerability disclosures that FireEye examined have no fixes issued by the vendors, presenting clear opportunities for adversaries. Nation-state cyber threat actors have exploited five of these vulnerabilities in attacks since 2009, and four of these can be tied to direct geopolitical objectives. FireEye expects the rate of exploits will increase in the future.
To improve security, FireEye recommends organizations with ICS:
- Prepare their security teams with an accurate understanding of control system assets, their locations, and functions.
- Obtain structured vulnerability and patch feeds that cover a wide variety of sources.
- Match the vulnerability disclosures and patch announcements against their asset inventory.
- Track vulnerable and unpatched products currently used in their industrial environments.
- Prioritize vulnerability remediation e orts by considering ICS architecture location, simplicity of exploitation and possible impact on the controlled industrial process.
“Security personnel from manufacturing, energy, utilities and other sectors are often unaware of their own control system assets, not to mention the vulnerabilities that affect them. As India’s efforts to digitize utilities and other services move ahead, it is critical that organizations assess the risks they face and ensure they can detect and respond to cyber attacks against them,” said Bryce Boland, Chief Technology Officer for Asia Pacific at FireEye.
