Cybersecurity Report 2021: TXOne Networks Publishes In-Depth Analysis of Vulnerabilities Affecting Industrial Control Systems
PR94360
SAN FRANCISCO and TAIPEI, Taiwan Feb 1, 2022 /PRNewswire=KYODO JBN/ --
TXOne Networks, a global leader in OT zero trust and Industrial IoT (IIoT)
security, has published its 2021 Cybersecurity Report which focuses on the
vulnerabilities that can affect ICS environments. TXOne Networks' threat
researchers conducted in-depth analysis of ICS-affecting vulnerabilities using
the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for
ICS, a globally-accessible knowledge base of adversary tactics and techniques
found in cyber attacks on ICS environments. The results of this Cybersecurity
Report enable TXOne Networks to show cyber threat and research trends from 2021
and previous years that will affect the industrial control system (ICS)
environment in 2022. One important observation from the report is that cyber
attacks on critical infrastructure can be resisted and made significantly
easier to repel by applying the OT zero trust methodology, which includes
device inspection, preserving critical applications and services, network
segmentation, and virtual patching.
The focus of TXOne Networks' Cybersecurity Report lies especially on the
analysis of so-called Common Vulnerabilities and Exposures (CVEs) that can
affect ICS environments. These industry-critical vulnerabilities are identified
each year by the Industrial Control Systems Cyber Emergency Response Team
(ICS-CERT). The MITRE ATT&CK for ICS matrix used by TXOne Networks gives an
overview of "tactics" (malicious actors' goals during an attack) as well as the
specific "techniques" malicious actors will use to accomplish their goals.
2021's ICS-CERT advisories
ICS-CERT advisories are published when an ICS vulnerability is released that
attackers could use to cause harm. According to the Cybersecurity Report, the
number of advisories dramatically increased in 2021. There were 389 advisories
published, which, compared with 2020's number of 249, shows the largest
year-to-year growth in the history of the ICS-CERT program. The ever-increasing
number of CVEs affecting ICS environments highlights the near-impossibility of
comprehensively addressing each specific vulnerability.
2021 also saw fundamental changes in the methods favored by cyber attackers, as
well as more advanced and destructive supply chain attacks than ever before.
Known recently-active ransomware groups include Maze, Lockbit, REvil, and
DarkSide, though their activity levels can vary.
CVEs affecting ICS environments
By taking a closer look at vulnerabilities in ICS-CERT advisories from 2017 to
2021 classified by affected sector, a huge spike in vulnerabilities affecting
Critical Manufacturing clearly stands out - 59.8% of CVEs identified in 2021
advisories are considered critical or high-risk.
While Critical Manufacturing is obviously in the lead, the Cybersecurity Report
also shows a spike in CVEs which can be used to affect multiple sectors. Both
attackers and researchers are likely to take more interest in these kinds of
vulnerabilities in 2022 and 2023, because attackers can potentially exploit the
same vulnerability across different kinds of operational environments.
"Our analysis of the 613 CVEs identified in advisories in 2021 that are likely
to affect Critical Manufacturing environments shows that 88.8% of them might be
leveraged by attackers to create an impact and cause varying degrees of
disruption to ICS equipment and the environment," said Dr. Terence Liu, CEO of
TXOne Networks. "For ICS environments, impact is a critical concern that
includes damage or disruption to finances, safety, human lives, the
environment, and equipment."
Supply Chain and Work Site Security
According to the Cybersecurity Report, while ICS-CERT shows information about
CVEs that is immediately useful and necessary, it might be missing some
information that can streamline the process of addressing them. More complete
information provided by the National Vulnerability Database (NVD) can be
critical in the creation of Software Bills of Materials (SBOMs) and the
prevention of supply chain attacks, but almost 25% of CVEs take more than 3
months to reach this stage of documentation.
This underscores some crucial points. First, from a security point of view, no
organization can depend on one source for cybersecurity information. In other
words, ICS cybersecurity is a group effort that can't be effectively
accomplished without comparing multiple sources of information. Second, due to
an extended timeline for information availability, organizations can't rely on
vendor patches or even released research to secure operations.
OT Zero Trust
One potential way to address these challenges, as well as the urgent need for
improvements in cybersecurity, could be the "Zero Trust Architecture". TXOne
Networks' experts recommend OT zero trust, an adapted form of the zero trust
architecture that offers unique improvements in cybersecurity to both supply
chains and ICS environments.
A core principle of IT zero trust is to "never trust, always verify". This idea
was created based on the IT perspective that a network is designed for human
operators or "users". Because in ICS environments the networks are primarily
used by assets instead of personnel, the methodology must be adapted into OT
zero trust to provide reliable defenses that do not interfere with productivity
or availability. "OT zero trust-based solutions such as network segmentation,
virtual patching, trust lists, asset hardening, and security inspection offer a
superior protective baseline by elevating security standards for networks and
assets from the ground up," emphasized TXOne Networks' CEO Dr. Liu.
Download the TXOne Networks 2021 Cybersecurity Report: In-Depth Analysis of ICS
Vulnerability with MITRE ATT&CK here.
For images related to this release, please visit:
https://www.gcpr.de/presseraum/txone-networks/
About TXOne Networks
At TXOne Networks, we offer practical cybersecurity solutions to protect
industrial control systems, ensuring reliability and safety from cyberattacks
in the industrial world. A subsidiary company of Trend Micro, we do our work
with leading manufacturers and critical infrastructure operators, using that
feedback and research to develop the best actionable approach. TXOne Networks
offers both network-based and endpoint-based products to secure the OT network
and mission critical devices in a real-time defense-in-depth manner.
www.txone-networks.com
TXOne Networks press contact:
lynette_lee@trendmicro.com
Tel.: +886-2-2378-9666 ext. 5133
European press contact, TXOne Networks:
GlobalCom PR Network GmbH
Martin Uffmann
martin@gcpr.net
Tel.: +49-(0)89-360-363-41/-42
Caroline Hannig-Sachon
caroline@gcpr.net
Tel.: +49-(0)89-360-363-42
SOURCE: TXOne Networks