For CISOs tasked with safeguarding industrial networks, understanding IT security professionals' attitudes, perceptions, and concerns regarding operational technology (OT) is crucial to forging an effective path forward. Our latest research report offers a global perspective on the state of industrial cybersecurity based on an independent survey of 1,000 full-time IT security professionals across the United States, United Kingdom, Germany, France, and Australia.
Our research gleaned insight into the following areas, which are broken down in-depth in our Global State of Industrial Cybersecurity report:
The survey illuminated a notable lack of confidence in the status quo of OT safeguards among IT security professionals in the U.S. relative to other countries. For instance, 51% of industry practitioners in the U.S. believe today's industrial networks are not properly safeguarded, compared to just 4% of their German counterparts.
Worldwide, a clear majority (74%) of respondents in all regions characterized cyberattacks on critical infrastructure as having greater potential to inflict damage than an enterprise data breach.
Respondents identified hacking (43%), ransomware (33%), and sabotage (9%) as the most prevalent attacks against industrial networks. The survey also indicated consensus characterizing electric power (45%) as the sector most vulnerable to cyber attacks on critical infrastructure, followed by the oil and gas (22%), chemical (12%), and transportation (12%) sectors.
Despite a clear consensus (80%) that IT security teams are responsible for protecting an organization's industrial networks, a significant portion of respondents (25% globally, 34% in the U.S.) had not been trained on the differences between IT and OT networks. 93% of respondents said OT-focused cybersecurity should be incorporated into the education and training of IT security professionals.
In addition to identifying key areas for CISOs to focus their efforts, our Global State of Industrial Cybersecurity report offers an actionable roadmap for closing the decades-old cybersecurity gap between IT and OT through increased awareness and education, reduced complexity, simplified governance, and IT–OT alignment.
To learn more, download the report.
CWE-121 STACK-BASED BUFFER OVERFLOW:
Affected Vertiv products contain a stack based buffer overflow vulnerability. An attacker could exploit this vulnerability to gain code execution on the device.
Vertiv recommends users take the following actions:
CVSS v3: 9.8
CWE-288 AUTHENTICATION BYPASS USING AN ALTERNATE PATH OR CHANNEL:
Affected Vertiv products do not properly protect webserver functions that could allow an attacker to bypass authentication.
Vertiv recommends users take the following actions:
CVSS v3: 9.8
CWE 287: Improper Authentication
An Improper Authentication vulnerability exists in Danfoss AK-SM8xxA Series, resulting in an authentication bypass. Install the latest patch with number 4.2 to remediate this vulnerability. This flaw could enable an attacker to generate a web report that discloses sensitive information such as internal IP addresses, usernames, store names, and other sensitive information.e
CVSS v3: 8.2
CWE-798 USE OF HARD-CODED CREDENTIALS:
In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions.
Optigo Networks recommends users implement at least one of the following additional mitigations:
CVSS v3: 9.8
CWE-78 Improper Neutralization of Special Elements used in an OS Command:
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS commands to disclose, tamper with, destroy or delete information in Mitsubishi Electric smartRTU, or cause a denial-of service condition on the product.
Mitsubishi Electric Europe B.V. recommends that users take note of the following mitigation measures to minimize the risk of exploiting this vulnerability:
CVSS v3: 9.8