It is currently 18-12-2017 04:12

Control system of production processes is subject to more than 1 thousand vulnerabilities

Control system of production processes is subject to more than 1 thousand vulnerabilities

by sigismund » 2016-08-04 11:53:44


Many of the vulnerabilities are still unpatched.


Since 2000, security researchers from FireEye Intelligence iSIGHT discovered and published data on 1 600 vulnerabilities in the systems of automatic regulation and control of production processes. The gaps affect the operation of sensors, programmable controllers, software, and network equipment used for automation and monitoring of physical processes. Many of the vulnerabilities are still unpatched. Starting in 2009, and today state-sponsored hackers actively exploited in cyberattacks five vulnerabilities in control systems of production processes. This is stated in the report, FireEye.

The detection in 2010 of Stuxnet malware has attracted the attention of security researchers to the analysis of vulnerabilities in industrial control systems. According to the report, in the period from January 2000 to December 2010 were identified 149 vulnerabilities. Only in April 2016, the number of detected holes numbered 1 552. Security researchers are confident that this trend will progress.

The majority (53%) of the detected 801 Feb 2013 vulnerabilities associated with the Level 2 (L2) in a simplified architectural model of Purdue that describes how a production device interface with computers. According to experts, due to the fact that cyber criminals easier to get software L2 than L1.

According to the report, out of 516 552 1 of the vulnerabilities has not been released hotfix. This means that 33% were zero-day vulnerabilities. According to the researchers, this figure in the near future will not change significantly.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5