GEC NEWS WIREIn a report on ICS threats landscape, Kaspersky Lab experts revealed 13,698 ICS hosts exposed to the Internet that more than likely belong to large organizations. These organizations include energy, transportation, aerospace, oil and gas, chemicals, automotive and manufacturing, food and drink, governmental, financial and medical institutions. 91.1% of these ICS hosts have vulnerabilities that can be exploited remotely.
To help organizations working with ICS to identify their possible weak points, Kaspersky Lab experts conducted an investigation into ICS threats.
The major findings of the Industrial Control Systems Threats Landscape report are- In total, 188,019 hosts with ICS components available via the Internet have been identified in 170 countries. The number of vulnerabilities in ICS components has increased tenfold during the past five years: from 19 vulnerabilities in 2010 to 189 vulnerabilities in 2015. The most vulnerable ICS components were Human Machine Interfaces (HMI), Electric Devices and SCADA systems. 91.6% (172,338 different hosts) of all the externally available ICS devices use weak Internet connection protocols, which opens the opportunity for attackers to conduct ’man in the middle’ attacks.
“Our research shows that the larger the ICS infrastructure, the bigger the chance that it will have severe security holes. There is no 100% guarantee that a particular ICS installation won’t have at least one vulnerable component at any single moment in time.” said Andrey Suvorov, Head of Critical Infrastructure Protection, Kaspersky Lab.
