enterprisesecuritymag

How Vulnerabilities of Industrial Control Systems are Affecting Enterprises

By Enterprise Security Magazine | Tuesday, January 28, 2020

The several exposures of the Industrial Control System are threatening the sensitive information of the companies.

FREMONT, CA: According to a recent study, almost 10,000 industrial endpoints get affected because of their vulnerabilities. Most of the websites get exposure due to the software made by Microsoft.

In one of the latest analysis conducted by the Industrial Control System (ICS) explains the methods in which few genuine and deeply rooted features and their functions can be a threat for the companies. However, the systems of ICS are extensively used in several networks like power generation, pulp & paper, oil & gas, and even the mining industry.

What does the research of ICS disclose?

• According to the research, there are several industrial control system that is utilized by the companies have weaknesses and also design flaws that the cybercriminals can make use of to accomplish their malicious purposes. Hackers can efficiently conduct not only physical damage but also disruption.

• Most of the susceptibility was found because of the impact of software by the Microsoft

• As per PAS Global, almost 10,000 industries have been affected by the common vulnerabilities.

What type of systems get affected?

Several types of ICS were impacted because of the vulnerabilities that consist of programmable logic controllers (PLC), distributed control systems (DCS), and also human-machine interfaces (HMI). In most cases, to exploit the machines, hackers only need access to the network or some necessary privileges.

However, the study has recognized two particular types of problems. The first problem is the ubiquitous weakness, and it has the ability to impact a broad range of products. The second is a unique weakness, and it only attacks some particular products.

What are the precautions that can be taken?

One way in which the attacks can be avoided is by implementing configuration management, particularly for the vital assets and systems. Using passive network can also be better as it will seize the inconsistent traffic and even behavior that will be an indicator for the company to take measures before any issues are created.

See Also: Top Cybersecurity Consulting/Services Companies

Weekly Brief