ICS threat landscape highlights

2021-02-26 04:00

"The convergence of an increasingly ICS-aware and capable threat landscape with the trend towards more network connectivity means that the practical observations and lessons learned contained in our 2020 YIR report are timely as the community continues to work to provide safe and reliable operations."

ICS threat activity continues to rise - both in terms of the number of distinct groups tracked and the industries and regions that they are targeting.

Analysts identified four distinct new ICS Activity Groups primarily targeting energy and manufacturing, known as KAMACITE, STIBNITE, TALONITE, and VANADINITE. The eleven previously identified Activity Groups were also observed expanding their targeting to new sectors and regions, as well as modifying their behaviors with many seeking to exploit the tectonic shift to remote work to gain access to industrial networks.

Analysis of these vulnerabilities and related advisories found that a slim minority could be classified as flaws that require immediate actions, such as critical vulnerabilities with perimeter-facing and network exploitable vulnerabilities.

Based on a growing set of data gathered from annual service engagements conducted by cybersecurity experts across multiple industries, Dragos found that 90% of its services clients had little to no visibility into their ICS environments.

Many customers only monitored the IT to OT boundary without monitoring activity inside the ICS network.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/SUD7ioGAY08/

#ICS #threat