Security News > 2021 > September > The cybersecurity of industrial companies remains low, potential damage can be severe

Among key findings, an external attacker can penetrate the corporate network at 91% of industrial organizations, and penetration testers gained access to the industrial control system networks at 75% of these companies.

Once criminals have obtained access to ICS components, they can shutdown entire productions, cause equipment to fail, trigger chemical spills and even industrial accidents that could cause series harm to industrial employees or even death.

Olga Zinenko, Senior Analyst at Positive Technologies, said: "Today, the level of cybersecurity at most industrial companies is too low for comfort. In most cases, internet-accessible external network perimeters contain weak protection, device configurations contain flaws, and we find a low level of ICS network security and the use of dictionary passwords and outdated software versions present risks."

At 75% of industrial companies, specialists managed to gain access to the technological segment of the network, which allowed them to then access actual industrial control systems in 56% of cases.

Industrial companies attract criminals because of their size, the importance of business processes, and their impact on the world and people's lives.

Industrial companies are recommended to leverage cyber-ranges to help analyze the cybersecurity of production systems, and enable infosecurity specialists to correctly verify the cyber events that are unacceptable to their business, evaluate their implications, and assess possible damage without disrupting real business processes.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/aVesx7kZoxA/