The flaw in the ICS system - the grave of the business
A recent large-scale study has shown the number of utopian gaps that exist in enterprise-level industrial control systems (Industrial Control Systems (ICS). These vulnerabilities are a bridge for hackers to deploy complex attacks on ICS devices, causing heavy damage to businesses. (ICS systems are widely used in oil and gas networks, power generation, refining and chemicals, papermaking, and mining industries.)
Specifically, according to a study conducted by PAS Global, more than 380,000 vulnerabilities have been found on ICS systems of 10,000 businesses worldwide. These holes can be exploited by malicious agents for a variety of purposes, from disrupting operations to physical damage.
Notably, the majority of these 380,000 vulnerabilities were found on system management software created by Microsoft. It also affects many different types of ICS, including human-machine interfaces (HMI), programmable logic controllers (PLCs) and distributed control systems ( distributed control systems - DCS). The vulnerability exploitation process (in most cases) only requires network access or basic privileges.
There are two main types of problems that are identified: common weakness, affecting a wide range of products and unique weaknesses, occurring only on a certain product.
So, what should enterprises do before this alarming situation? There are 3 things to do as follows:
- Applying configuration management, especially to important systems and assets, is a way to prevent potential attacks.
- Passive network monitoring, helping to capture traffic and abnormal behavior on the network, thereby offering appropriate responses.
- The last and most important requirement: Pay attention to apply security patches to vulnerable devices.
You should read it
- IBM developed a new technology to patch security holes
- New virus attacks industrial security system
- 9 misconceptions about security and how to resolve
- 6 enterprise security holes to note
- A serious security error appeared on Android that allowed hackers to control smartphones through a photo
- Alarming statistics on the situation of network security in our country in the first half of 2019
- Why must India implement security systems for the power sector?
- The basic steps in dealing with network security issues that you need to understand
- Warning: Jenkins exists a serious security hole that helps hackers gain control of computers of many Vietnamese businesses
- The NSA identifies 4 'critical' security vulnerabilities of cloud systems
- The 5G era is near, but are security procedures ready?
- Find security holes on every site with Nikto
Maybe you are interested
The incompatibility of the systems in Pokemon GO
Moving files between Linux systems with SCP
How to move files between systems using scp and rsync
CrowdStrike also crippled global Debian and Rocky Linux systems many months ago, but no one noticed!
For the first time, 'superhumanized' mice with human-like immune systems have been created
Do not worry! Copilot+ PC does not make Windows 11 systems obsolete!