OVERLOAD
ics-vulnerability-trend-report-final
ics-vulnerability-trend-report-final
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
CONTENTS<br />
Introduction 3<br />
Key Judgments 4<br />
Methodology 5<br />
By the Numbers 5<br />
ICS-Specific Vulnerability Disclosures Over Time 6<br />
Stuxnet Drove Interest in ICS-Specific Vulnerabilities 6<br />
Average Yearly Disclosures Likely to Increase, but Not 2015 Rate 6<br />
Vulnerabilities by ICS Level 7<br />
Most Disclosures Affect Level 2 Probably Due to Researcher Familiarity<br />
and Product Availability 8<br />
Access to Level 2 Allows for a Threat Actor to Manipulate Processes 8<br />
Patch Availability 9<br />
More Than One-Third of ICS Vulnerabilities are Unpatched at the Time<br />
of Disclosure, a Trend Likely to Persist 9<br />
ICS Vulnerabilities Exploited in The Wild 10<br />
Exploitation of ICS-Specific Vulnerabilities to Accrue at Slow Rate 10<br />
Sandworm Team Undermines Three Ukranian Electricity Distributors 10<br />
Outlook 11<br />
Recommendations 11