ICS vulnerability disclosures surge 110% over the last four years

2022-03-08 06:00

Industrial control system vulnerability disclosures grew a staggering 110% over the last four years, with a 25% increase in the second half of 2021 compared to the previous six months, according to a research released by Claroty.

"As more cyber-physical systems become connected, accessibility to these networks from the internet and the cloud requires defenders to have timely, useful vulnerability information to inform risk decisions," said Amir Preminger, VP of research at Claroty.

"The increase in digital transformation, combined with converged ICS and IT infrastructure, enables researchers to expand their work beyond OT to the XIoT. High-profile cyber incidents in 2H 2021 such as the Tardigrade malware, the Log4j vulnerability and the ransomware attack on NEW Cooperative show the fragility of these networks, stressing the need for security research community collaboration to discover and disclose new vulnerabilities."

Key findings ICS vulnerability disclosures grew 110% over the last four years, demonstrating heightened awareness of this issue and the growing involvement of security researchers shifting toward OT environments.

50% of the vulnerabilities were disclosed by third-party companies and a majority of these were discovered by researchers at cybersecurity companies, shifting their focus to include ICS alongside IT and IoT security research.

Vulnerabilities disclosed by internal vendor research grew 76% over the last four years.

News URL

https://www.helpnetsecurity.com/2022/03/08/ics-vulnerability-disclosures-grew/

#disclosure #ICS #vulnerability