OVERLOAD

Recommendations

Info

CONTENTS Introduction 3 Key Judgments 4 Methodology 5 By the Numbers 5 ICS-Specific Vulnerability Disclosures Over Time 6 Stuxnet Drove Interest in ICS-Specific Vulnerabilities 6 Average Yearly Disclosures Likely to Increase, but Not 2015 Rate 6 Vulnerabilities by ICS Level 7 Most Disclosures Affect Level 2 Probably Due to Researcher Familiarity and Product Availability 8 Access to Level 2 Allows for a Threat Actor to Manipulate Processes 8 Patch Availability 9 More Than One-Third of ICS Vulnerabilities are Unpatched at the Time of Disclosure, a Trend Likely to Persist 9 ICS Vulnerabilities Exploited in The Wild 10 Exploitation of ICS-Specific Vulnerabilities to Accrue at Slow Rate 10 Sandworm Team Undermines Three Ukranian Electricity Distributors 10 Outlook 11 Recommendations 11
INTRODUCTION In the past several years, a flood of vulnerabilities has hit industrial control systems (ICS) — the technological backbone of electric grids, water supplies and production lines. These vulnerabilities affect the reliable operation of sensors, programmable controllers, software and networking equipment used to automate and monitor the physical processes that keep our modern world running. Since 2000, FireEye iSIGHT Intelligence has identified nearly 1,600 publicly disclosed ICS vulnerabilities. Many of these are unpatched — and some are simply unpatchable due to outdated technology —providing open paths for adversarial exploitation. Nation-state cyber threat actors have exploited five of these vulnerabilities in attacks since 2009. Unfortunately, security personnel from manufacturing, energy, water and other industries are frequently unaware of their own control system assets, let alone the vulnerabilities that affect them. Organizations operating these systems are missing the warnings and leaving their industrial environments exposed. This report highlights trends in total ICS vulnerability disclosures, patch availability, vulnerable device type and vulnerabilities exploited in the wild. SPECIAL REPORT / 2016 ICS VULNERABILITY TREND REPORT 3
Page 1: FIREEYE iSIGHT INTELLIGENCE OVERLOA
Page 5 and 6: METHODOLOGY For the purpose of this
Page 7 and 8: VULNERABILITIES BY ICS LEVEL FireEy
Page 9 and 10: PATCH AVAILABILITY FIGURE 4: ICS-SP
Page 11 and 12: OUTLOOK RECOMMENDATIONS In summary,

OVERLOAD

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?