The flaw in the ICS system - the grave of the business
A recent large-scale study has shown the number of utopian gaps that exist in enterprise-level industrial control systems (Industrial Control Systems (ICS). These vulnerabilities are a bridge for hackers to deploy complex attacks on ICS devices, causing heavy damage to businesses. (ICS systems are widely used in oil and gas networks, power generation, refining and chemicals, papermaking, and mining industries.)
The flaw in the ICS system - the grave of the business Picture 1
Specifically, according to a study conducted by PAS Global, more than 380,000 vulnerabilities have been found on ICS systems of 10,000 businesses worldwide. These holes can be exploited by malicious agents for a variety of purposes, from disrupting operations to physical damage.
Notably, the majority of these 380,000 vulnerabilities were found on system management software created by Microsoft. It also affects many different types of ICS, including human-machine interfaces (HMI), programmable logic controllers (PLCs) and distributed control systems ( distributed control systems - DCS). The vulnerability exploitation process (in most cases) only requires network access or basic privileges.
There are two main types of problems that are identified: common weakness, affecting a wide range of products and unique weaknesses, occurring only on a certain product.
So, what should enterprises do before this alarming situation? There are 3 things to do as follows:
- Applying configuration management, especially to important systems and assets, is a way to prevent potential attacks.
- Passive network monitoring, helping to capture traffic and abnormal behavior on the network, thereby offering appropriate responses.
- The last and most important requirement: Pay attention to apply security patches to vulnerable devices.
You should read it
- IBM developed a new technology to patch security holes
- New virus attacks industrial security system
- 9 misconceptions about security and how to resolve
- 6 enterprise security holes to note
- A serious security error appeared on Android that allowed hackers to control smartphones through a photo
- Alarming statistics on the situation of network security in our country in the first half of 2019
- Why must India implement security systems for the power sector?
- The basic steps in dealing with network security issues that you need to understand
- Warning: Jenkins exists a serious security hole that helps hackers gain control of computers of many Vietnamese businesses
- The NSA identifies 4 'critical' security vulnerabilities of cloud systems
- The 5G era is near, but are security procedures ready?
- Find security holes on every site with Nikto
May be interested
Snapchat successfully helped a kidnapped hostage
Microsoft has committed to a roadmap of 'recovering' CO2 emissions from business operations since 1975
Test of technology terminology - Part 13
5 techniques commonly used by hackers when targeting the retail sector
SpaceX is about to blow up a tens of millions of dollars worth of boosters on the Atlantic
Jokes: Mouse also slash wind