Cybersecurity Report 2021: TXOne Networks Publishes In-Depth Analysis of Vulnerabilities Affecting Industrial Control Systems

TXOne Networks

PR94360

 

SAN FRANCISCO and TAIPEI, Taiwan Feb 1, 2022 /PRNewswire=KYODO JBN/ --

 

TXOne Networks, a global leader in OT zero trust and Industrial IoT (IIoT) security, has published its 2021 Cybersecurity Report which focuses on the vulnerabilities that can affect ICS environments. TXOne Networks' threat researchers conducted in-depth analysis of ICS-affecting vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS, a globally-accessible knowledge base of adversary tactics and techniques found in cyber attacks on ICS environments. The results of this Cybersecurity Report enable TXOne Networks to show cyber threat and research trends from 2021 and previous years that will affect the industrial control system (ICS) environment in 2022. One important observation from the report is that cyber attacks on critical infrastructure can be resisted and made significantly easier to repel by applying the OT zero trust methodology, which includes device inspection, preserving critical applications and services, network segmentation, and virtual patching.

 

The focus of TXOne Networks' Cybersecurity Report lies especially on the analysis of so-called Common Vulnerabilities and Exposures (CVEs) that can affect ICS environments. These industry-critical vulnerabilities are identified each year by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). The MITRE ATT&CK for ICS matrix used by TXOne Networks gives an overview of "tactics" (malicious actors' goals during an attack) as well as the specific "techniques" malicious actors will use to accomplish their goals.

 

2021's ICS-CERT advisories

 

ICS-CERT advisories are published when an ICS vulnerability is released that attackers could use to cause harm. According to the Cybersecurity Report, the number of advisories dramatically increased in 2021. There were 389 advisories published, which, compared with 2020's number of 249, shows the largest year-to-year growth in the history of the ICS-CERT program. The ever-increasing number of CVEs affecting ICS environments highlights the near-impossibility of comprehensively addressing each specific vulnerability.

 

2021 also saw fundamental changes in the methods favored by cyber attackers, as well as more advanced and destructive supply chain attacks than ever before. Known recently-active ransomware groups include Maze, Lockbit, REvil, and DarkSide, though their activity levels can vary.

 

CVEs affecting ICS environments

 

By taking a closer look at vulnerabilities in ICS-CERT advisories from 2017 to 2021 classified by affected sector, a huge spike in vulnerabilities affecting Critical Manufacturing clearly stands out - 59.8% of CVEs identified in 2021 advisories are considered critical or high-risk.

 

While Critical Manufacturing is obviously in the lead, the Cybersecurity Report also shows a spike in CVEs which can be used to affect multiple sectors. Both attackers and researchers are likely to take more interest in these kinds of vulnerabilities in 2022 and 2023, because attackers can potentially exploit the same vulnerability across different kinds of operational environments.

 
"Our analysis of the 613 CVEs identified in advisories in 2021 that are likely to affect Critical Manufacturing environments shows that 88.8% of them might be leveraged by attackers to create an impact and cause varying degrees of disruption to ICS equipment and the environment," said Dr. Terence Liu, CEO of TXOne Networks. "For ICS environments, impact is a critical concern that includes damage or disruption to finances, safety, human lives, the environment, and equipment."

 

Supply Chain and Work Site Security

 

According to the Cybersecurity Report, while ICS-CERT shows information about CVEs that is immediately useful and necessary, it might be missing some information that can streamline the process of addressing them. More complete information provided by the National Vulnerability Database (NVD) can be critical in the creation of Software Bills of Materials (SBOMs) and the prevention of supply chain attacks, but almost 25% of CVEs take more than 3 months to reach this stage of documentation.

 

This underscores some crucial points. First, from a security point of view, no organization can depend on one source for cybersecurity information. In other words, ICS cybersecurity is a group effort that can't be effectively accomplished without comparing multiple sources of information. Second, due to an extended timeline for information availability, organizations can't rely on vendor patches or even released research to secure operations.

 

OT Zero Trust

 

One potential way to address these challenges, as well as the urgent need for improvements in cybersecurity, could be the "Zero Trust Architecture". TXOne Networks' experts recommend OT zero trust, an adapted form of the zero trust architecture that offers unique improvements in cybersecurity to both supply chains and ICS environments.

 

A core principle of IT zero trust is to "never trust, always verify". This idea was created based on the IT perspective that a network is designed for human operators or "users". Because in ICS environments the networks are primarily used by assets instead of personnel, the methodology must be adapted into OT zero trust to provide reliable defenses that do not interfere with productivity or availability. "OT zero trust-based solutions such as network segmentation, virtual patching, trust lists, asset hardening, and security inspection offer a superior protective baseline by elevating security standards for networks and assets from the ground up," emphasized TXOne Networks' CEO Dr. Liu.

 

Download the TXOne Networks 2021 Cybersecurity Report: In-Depth Analysis of ICS Vulnerability with MITRE ATT&CK here.

 

For images related to this release, please visit:

https://www.gcpr.de/presseraum/txone-networks/

 

Follow TXOne Networks: Blog, Twitter, and LinkedIn

 

About TXOne Networks

 

At TXOne Networks, we offer practical cybersecurity solutions to protect industrial control systems, ensuring reliability and safety from cyberattacks in the industrial world. A subsidiary company of Trend Micro, we do our work with leading manufacturers and critical infrastructure operators, using that feedback and research to develop the best actionable approach. TXOne Networks offers both network-based and endpoint-based products to secure the OT network and mission critical devices in a real-time defense-in-depth manner.

www.txone-networks.com

 

- Picture is available at AP Images (http://www.apimages.com) -

 

TXOne-Networks-press-contact:

lynette_lee@trendmicro.com

tel. +886-2-2378-9666_ext.5133

 

 

European-press-contact-TXOne-Networks

GlobalCom-PR-Network-GmbH

Martin Uffmann/

martin@gcpr.net/c

Tel.: +49-(0)89-360-363-41/-42

 

Caroline Hannig-Sachon

caroline@gcpr.net

Tel.: +49-(0)89-360-363-42

 

SOURCE: TXOne Networks

 
