Security News > 2021 > August > Analysis of ICS Exploits Can Help Defenders Prioritize Vulnerability Remediation

Analysis of ICS Exploits Can Help Defenders Prioritize Vulnerability Remediation
2021-08-06 11:32

Industrial cybersecurity firm Dragos has published an analysis of exploits targeting vulnerabilities in industrial control systems and operational technology systems.

One possible explanation is that Trend Micro's Zero Day Initiative has acquired many ICS vulnerabilities, and ZDI can prevent researchers from making public their proof-of-concept exploits.

Dragos is aware of nearly 600 public ICS exploits targeting the products of over 110 vendors.

In many cases, researchers release PoC exploits when they disclose the vulnerabilities they have found in order to help others gain a better understanding of their work.

If these exploits are not taken into account, Dragos has determined that the median time for an exploit to become public after the disclosure of a vulnerability is 24 days.

Roughly 10% of the ICS exploits tracked by the cybersecurity firm have been exploited in malicious attacks, and the highest percentages target the enterprise and the site operations levels.


News URL

http://feedproxy.google.com/~r/securityweek/~3/MiM3ejygvLo/analysis-ics-exploits-can-help-defenders-prioritize-vulnerability-remediation