Claroty Releases Report on ICS Risk and Vulnerability

By Perry Cohen

Associate Editor

Embedded Computing Design

August 19, 2020

News

Claroty Releases Report on ICS Risk and Vulnerability

Claroty released its inaugural Biannual ICS Risk & Vulnerability Report. Per the report, over 70% of industrial control system (ICS) vulnerabilities disclosed can be exploited remotely.

Claroty released its inaugural Biannual ICS Risk & Vulnerability Report. Per the report, over 70% of industrial control system (ICS) vulnerabilities disclosed in the first half (1H) of 2020 can be exploited remotely.

The report, which was conducted by the company’s research team, is comprised of assessments of 365 ICS vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) during 1H 2020, affecting 53 vendors.

“There is a heightened awareness of the risks posed by ICS vulnerabilities and a sharpened focus among researchers and vendors to identify and remediate these vulnerabilities as effectively and efficiently as possible,” said VP of research at Claroty Amir Preminger, in a press release. “We recognized the critical need to understand, evaluate, and report on the comprehensive ICS risk and vulnerability landscape to benefit the entire OT security community.

“Our findings show how important it is for organizations to protect remote access connections and internet-facing ICS devices, and to protect against phishing, spam, and ransomware, in order to minimize and mitigate the potential impacts of these threats.”

The research team discovered a total of 26 ICS vulnerabilities during 1H of 2020. This prioritizes critical or high-risk vulnerabilities that could ultimately affect the safety of industrial operations.

Per the report, the vulnerabilities could impact affected OT networks, as more than 60% enable some form of RCE.

For more information, visit https://www.claroty.com/.

Perry Cohen, associate editor for Embedded Computing Design, is responsible for web content editing and creation, podcast production, and social media efforts. Perry has been published on both local and national news platforms including KTAR.com (Phoenix), ArizonaSports.com (Phoenix), AZFamily.com, Cronkite News, and MLB/MiLB among others. Perry received a BA in Journalism from the Walter Cronkite School of Journalism and Mass Communications at Arizona State university.

More from Perry