Positive Technologies released today new search which examines the information security risks present in industrial companies, second most targeted sector by cybercriminals in 2020. Among the key findings, an external attacker can penetrate the corporate network in 91% of industrial organizations, and Positive Technologies penetration testers gained access to Industrial Control System (ICS) networks in 75% of these companies.
The attack vectors for gaining access to critical systems can be straightforward and the potential damage serious. Once criminals gain access to ICS components, they can shut down entire productions, cause equipment failure, trigger chemical spills and even industrial accidents that could cause serial damage to industrial employees or even death.
Olga Zinenko, senior analyst at Positive Technologies, said: “Today, the level of cybersecurity in most industrial companies is too low to be comfortable. In most cases, the external network perimeters accessible over the Internet contain weak protection, the device configurations contain loopholes, and we find a low level of security of the ICS network and the use of dictionary and password passwords. Obsolete software versions present risks.
The report notes that once inside the internal network, attackers can steal user credentials and gain full control over the infrastructure 100% of the time, and in 69% of organizations, they can steal sensitive data, including information about company partners and employees, email, and internal documentation. But above all, in 75% of industrial companies, specialists from Positive Technologies succeeded in accessing the technological segment of the network, which then enabled them to access real industrial control systems in 56% of cases. This shows that by gaining access to the ICS network, attackers can also gain access to industrial process automation systems, which could lead to serious consequences: From work disruption to loss of life.
Industrial companies attract criminals because of their size, the importance of business processes and their impact on the world and people’s lives. The main threats to industrial companies, according to the report, are espionage and financial loss. The main objective of information security specialists today is to assess the feasibility of various security risks in companies and to identify the possible consequences of cyber attacks, then to build an effective security system based on this knowledge. The problem is that management will never accept any action taken within the infrastructure that could negatively affect technological processes; and rightly so.
More than any other industry, protecting the industrial sector requires modeling critical systems to test their parameters, verify the feasibility of business risks and detect security breaches. But assessing the possibility of most unacceptable cyber incidents on a real infrastructure is almost impossible. Positive Technologies specialists recommend that industrial companies take advantage of cyber-ranges to help analyze the cybersecurity of production systems and allow infosecurity specialists to properly verify cyber-events unacceptable for their business, to assess their implications and assess possible damage without disrupting actual business processes.
For example, at Deadlock 2021, the global virtual cybergame hosted by Positive Technologies that attracted more than 22,000 participants, attacker teams were asked to trigger unacceptable events on the infrastructure of a gas distribution station. It only took them two days to disrupt the technological process of gas supply. The attackers managed to gain access to the gas station’s control system, cut off the gas supply and caused an explosion. In real life, a hacker attack on a gas distribution station can result in loss of life, resignation from management, or prosecution. Since information security experts cannot conduct attacks that disrupt or shut down technological or business processes on an actual infrastructure, the feasibility of unacceptable cyber incidents like this remains in question until. that these types of tests can be performed.
To access a full copy of the research report, please visit This site.
About positive technologies
Positive technologies is a leading global provider of enterprise security solutions for vulnerability and compliance management, incident and threat analysis, and application protection. Commitment to customers and research has earned Positive Technologies a reputation as one of the leading security authorities for industrial control systems, banking, telecommunications, web applications and ERP, supported by recognition from the analyst community.
Did you enjoy this great article?
Check out our free e-newsletters for more interesting articles.