In the second half of 2022, vulnerabilities in cyber-physical systems decreased by 14% compared to the peak in the last six months of 2021.
Product security teams have managed to increase their detection by 80% in the same period, according to the “State of XIoT Security Report: 2H 2022” published today by Claroty. These results indicate the positive effect of security researchers on the security of the Extended Internet of Things (XIoT), a vast network of cyber-physical systems in industrial, healthcare, and commercial settings, and that XIoT providers are dedicating more resources than ever before to examining the safety and security of their products.
The “State of XIoT Security Report” is a comprehensive analysis of vulnerabilities affecting XIoT, including operational technology and industrial control systems (OT/ICS), the Internet of Medical Things (IoMT), building management systems, and enterprise IoT. This is the sixth edition of the report compiled by Team82, Claroty’s award-winning research team.
The data set includes vulnerabilities publicly disclosed in the second half of 2022 by Team82 and from other recognized sources such as the National Vulnerability Database (NVD), the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), CERT@VDE, MITRE, and the industrial automation providers Schneider Electric and Siemens.
Main conclusions of the “State of XIoT Security Report: 2H 2022”
Affected devices: 62% of published OT vulnerabilities affect Level 3 devices of the Purdue Model for ICS. These devices manage production workflows and can be key connection points between IT and OT networks, making them highly attractive to cybercriminals seeking to interfere with industrial operations.
Level of importance: 71% of the vulnerabilities were assigned a CVSS v3 score of “critical” (9.0-10) or “high” (7.0-8.9). This reflects the need for security researchers to focus on identifying the vulnerabilities with the most significant potential impact to minimise potential damage. In addition, four of the top five Common Weakness Enumerations (CWEs) in the data set are among the top five of MITRE’s 2022 CWE Top 25 Most Dangerous Software Weaknesses. These weaknesses can be relatively easy to exploit and allow attackers to disrupt system security and service delivery.
Attack vector: 63% of vulnerabilities can be exploited remotely over the network, which means that a cybercriminal does not need local, adjacent, or physical access to the affected device to carry out a cyberattack.
Consequences: The most significant potential impact is unauthorised remote code or command execution (prevalent in 54% of vulnerabilities), followed by denial-of-service conditions (hang, abort, or resume) at 43%.
Prevention measures: The primary mitigation measure is network segmentation (recommended in 29% of disclosed vulnerabilities), followed by secure remote access (26%) and protection against ransomware, phishing and spam (22%).