As state-sponsored attackers increase their activity and cyberwar escalates, security researchers are focusing their attention on industrial systems to surface vulnerabilities.
The number of vulnerabilities discovered in industrial control systems (ICS) grew 30% in 2018 compared to the prior year, with the share of critical or high severity vulnerabilities increasing by 17%, according to a report from Positive Technologies published Thursday.
Targeting of devices used in industrial, energy infrastructure, and manufacturing settings has increased over the past several years, as state-sponsored groups have sought to gain access to industrial systems for espionage purposes. The VPNFilter attack last year resulted in a flurry of accusations from the Ukrainian Security Service, calling out Russia as intending to destabilize the UEFA Champions League final.
SEE: Special report: Cyberwar and the future of cybersecurity (free PDF) (TechRepublic)
In terms of newly-discovered vulnerabilities in 2018, Schneider Electric led with 69, followed closely by Siemens with 66. Advantech and Moxa were third and fourth, with 37 and 36, respectively.
Industrial networking equipment, and HMI/SCADA equipment were tied for the most vulnerable component, at 23% each, followed closely by PLC/RTU devices at 21%.
“In 2018 we saw that industrial processes can be affected not only by targeted malware, such as Triton cyberweapon, but also by attacks against IT infrastructure,” Paolo Emiliani, research analyst at Positive Technologies, said in a press release. Emiliani also pointed to the LockerGoga ransomware attack, and the impact of WannaCry at Boeing and TSMC.
For more, check out “Vulnerabilities in industrial Ethernet switches allow for credential theft, denial-of-service attacks,” and “Software vulnerabilities are becoming more numerous, less understood.”