TECHNOLOGY

Vulnerabilities in Cyber-physical Systems Reach their Peak

In the second half of 2022, vulnerabilities in cyber-physical systems decreased by 14% compared to the peak in the last six months of 2021.

Product security teams have managed to increase their detection by 80% in the same period, according to the “State of XIoT Security Report: 2H 2022” report published today by Claroty. These results indicate the positive effect of security researchers on the security of the Extended Internet of Things (XioT), a vast network of cyber-physical systems in industrial, healthcare, and commercial settings, and that XIoT providers are dedicating more resources than ever before. Examine the safety and security of your products.

Also Read: Personnel Management For Business Success

“State of XIoT Security Report ” is a comprehensive analysis of vulnerabilities affecting XIoT, including operational technology and industrial control systems (OT/ICS), the Internet of Medical Things (IoMT), security management systems buildings and the enterprise IoT. This is the sixth edition of the report compiled by Team82, Claroty’s award-winning research team.

The data set includes vulnerabilities publicly disclosed in the second half of 2022 by Team82 and from other recognized sources such as the National Vulnerability Database (NVD), the Industrial Control Systems CyberEmergency Response Team (ICS-CERT), CERT@VDE, MITRE, and the industrial automation providers Schneider Electric and Siemens.

Main conclusions of the Report “State of XIoT Security Report: 2H 2022”

Affected devices: 62% of published OT vulnerabilities affect Level 3 devices of the Purdue Model for ICS. These devices manage production workflows and can be key connection points between IT and OT networks, making them highly attractive to cybercriminals seeking to interfere with industrial operations.

Level of importance: 71% of the vulnerabilities were assigned a CVSS v3 score of “critical” (9.0-10) or “high” (7.0-8.9). This reflects the need for security researchers to focus on identifying the vulnerabilities with the most significant potential impact to minimise potential damage. In addition, four of the top five Common Weakness Enumerations (CWE) are among the top 5 of MITRE’s 25 most dangerous CWE 2022 software weaknesses. 

They can be relatively easy to exploit and allow attackers to exploit. Disrupt system security and service delivery.

Attack vector: 63% of vulnerabilities can be exploited remotely over the network, which means that a cybercriminal does not need local, adjacent, or physical access to the affected device to carry out a cyberattack.

Consequences: The significant potential impact is unauthorised remote code or command execution (prevalent in 54% of vulnerabilities), followed by denial-of-service conditions (hang, abort, or resume) at 43%.
Prevention measures: The primary mitigation measure is network segmentation (recommended in 29% of disclosed vulnerabilities), followed by secure remote access (26%) and protection against ransomware, phishing and spam (22%).

Also Read: Benefits of Digitization in Companies

iBlogTech

iBogTech is notifying technologies information to internet users. Our blog started with a vision of publishing informative tech and internet things.

Recent Posts

What is Social Media Engagement and How is it Measured

Engagement is a word which is a part of digital marketing, it is used to…

1 week ago

How to Appear in Google Discover and It’s Benefits

In a digital world where visibility is paramount, appearing on Google Discover can be a…

4 weeks ago

How to Create an Inbound Marketing Strategy for B2B

In the B2B sector, where sales cycles are very long because customers have to make…

1 month ago

How to do Free Email Marketing with Free Tools

Free email marketing has become one of the most widely used tools for professionals and…

1 month ago

What are On Page SEO and Off Page SEO Detailed Information

Today we are going to talk about what On Page SEO is, that key tool…

2 months ago

How to Know Who Saved Your Instagram Photo/Reels

Instagram's algorithm is designed to protect user privacy. So when someone saves one of your…

2 months ago