التكنولوجيا وأخبارها بوابة مصر لأخبار تكنولوجيا المعلومات والإتصالات
This and other insights now available in newKaspersky ICS Threat Intelligence service
New Kaspersky ICS CERT researchinto threats affecting industrial control systems
(ICS)highlights 103 new vulnerabilities found in 2019, which could potentially be exploited
by cyberattacks. The number of vulnerabilities found almost doubled in comparison with
the 61 that werereported in 2018. To help organizations protect themselves against these
and other security risks, Kaspersky ICS threat intelligenceis now availablein a new
subscription-based service.
Exploiting various software vulnerabilities is one of manypossible ways attacks on
industrial automation systemsmaybe carried out. Vulnerabilities found by Kaspersky ICS
CERT in 2019 were revealed in the most commonly usedautomation software, industrial
control and Internet of Things (IoT)systems. The issues were found in remote
administration tools (34), SCADA (18), backup software (10), as well as IoT products,
solutions for smart buildings, PLCs and other industrial components.
The success of response to theseand otherthreats may depend on how aware the
operational technology (OT)security teams are. Insights into current threats and attack
vectors, as well as the most vulnerable elements in OT and industrial control systems, are
available in the new,all-in-one Kaspersky ICS Threat Intelligence Reporting service.
This service unifies access to new and previously available reports, offering extended
versions with analysis of new advanced threats,extended snapshots of the overall industrial threat landscape and unique threat insights intospecific regions and industries.
The analysis observes attack methods and malicious toolsets, including exploits and used malwareas well as other important threat factors and attributes. This data can help security
teams perform a security assessment of an organization’s industrial system, better identify malicious activity and be able to attribute it to recent threat actors that have been revealed
by Kaspersky.
The service also offers detailed analysis of vulnerabilities found by Kaspersky, such as security issues that cause a vulnerability and enable its exploitation, possible attack vectors, and other technical information to help customers understand the risk of their potential exploitation by malicious actors.
In addition to this, OT security teams can access unique advisories on previously found vulnerabilities. Unlike advisoriesavailable via public sources that may not necessarily includeall background information and practical recommendations,the Kaspersky service accumulates all available information on the vulnerability and provides it in an actionable manner. This facilitatescustomers’ vulnerability assessmentsand helps themdevelop adequate mitigating measuresif patches are not yet available or can’t be installeddue to, for example, process continuity requirements, system certification needs or compatibility issues.
The reports are available in human-readable format but also include technical artifacts, such as indicators of compromise (IoCs) provided in industrial-grade formats (OpenIOC, STIX, YARA and SNORT rules), so customers can integrate them into their security solutions to enhance incident detection and response.
“All assets for this new serviceare being developed by experts from the Kaspersky
Industrial Systems Emergency Response Team and based on the knowledge we got from years of dedicated industrial threats and vulnerabilitiesresearch. We are trying to share our
findingswith industrial organizations in a simple and actionable manner. What’s more, we believe the information would also be valuable for a wider audience, such as, for example,
state CERTs, industrial automation vendors, cybersecurity service providers and ICS security product developers.Together with the ICS threat data feeds, the subscription can
help them tweak their products and services in accordance with the latest threat intelligence we get from our telemetry sources in ICS environments, all across the globe”,
says EvgenyGoncharov, Head of ICS CERT at Kaspersky.
To learn more about Kaspersky ICS Threat Intelligence Reporting service and apply for a
demo,please visit the Kaspersky Threat Intelligence Portal.
To find out more about the‘Threat landscape for industrial automation systems 2019’ report, please follow the link.
About Kaspersky ICS CERT
Kaspersky Industrial Control Systems Cyber Emergency Response Team (Kaspersky ICS
CERT) is a global project launched by Kaspersky in 2016 to coordinate the efforts ofautomation system vendors, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyberattacks. Kaspersky ICS CERT
\\
devotes its efforts primarily to identifying potential and existing threats that target
industrial automation systems and the Industrial Internet of Things. Kaspersky ICS CERT is
an active member and partner of leading international organizations that develop recommendations on protecting industrial enterprises from cyberthreats. ics-
cert.kaspersky.com
