38% of riskiest cyber-physical systems neglected, warns Claroty report

2 weeks ago AndyC

Cyber-physical systems (CPS) are at a high risk of cyber attacks, as a staggering 38% of the riskiest assets are overlooked by traditional vulnerability management practices, according to a recent report by Claroty, a leading CPS protection company.

38% of riskiest cyber-physical systems neglected, warns Claroty report

Cyber-physical systems (CPS) are at a high risk of cyber attacks, as a staggering 38% of the riskiest assets are overlooked by traditional vulnerability management practices, according to a recent report by Claroty, a leading CPS protection company. This knowledge gap leaves these high-risk CPS assets prone to exploitation by web-based attackers.

The report was prepared by the Claroty research group Team82, who thoroughly examined over 20 million pieces of operational technology (OT), highlighting the following key points:

  • 20% of OT and IoMT (Internet of Medical Things) devices have CVSSv3.1 (Common Vulnerability Scoring System version 3.1) scores of 9.0 or above.

  • 1.6% of these devices were deemed as “high risk,” meaning they have an insecure internet connection and contain at least one Known Exploited Vulnerability (KEV).

  • Shockingly, 38% of these ultra-high-risk OT and IoMT devices do not have a CVSS score of 9.0 or above. This means they are often unnoticed by traditional vulnerability management methods, making them ripe for exploitation by threat actors.

Amir Preminger, VP of research for Claroty’s Team82, clarified: “Organisations must take a holistic approach to exposure management that focuses on the ticking time bombs in their environment, because even if they somehow mastered the impossible task of addressing every single 9.0+ CVSS vulnerability, they’d still miss nearly 40% of the most dangerous threats to their organisation.”

To counteract this gaping oversight, Claroty has introduced a cutting-edge CPS-native exposure management solution. This innovative tool allows organisations to understand their existing CPS risk posture, utilise their resources most efficiently, and accelerate their journey towards CPS security maturity – irrespective of their starting point.

The CPS-native exposure management tool offers businesses the following key capabilities:

  • Identification and profiling of all CPS assets using highly flexible discovery methods, attributing vulnerabilities, and monitoring for threats.

  • Receiving actionable recommendations that prioritise remediation efforts based on quantified outcomes as defined by specific attack vectors and their likelihood of being exploited.

  • Investigation of exploitability using VEX files and additional discovery tactics.

  • Inclusion of CPS devices in exposure management programs using multi-data collection methods and tailored risk calculations to lay the foundation for network scoping.

  • Streamlining of remediation and program mobilisation by integrating with leading IT/OT cybersecurity and asset management solutions.

“Reducing risk requires an evolution from a traditional vulnerability management program to a more focused and dynamic exposure management program,” said Grant Geyer, chief product officer at Claroty. He further pointed out that this program considers unique CPS asset characteristics and complexities, unique operational and environmental constraints, organisational risk tolerances, and desired outcomes of the CPS cyber-risk program.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , ,

More Stories

Too much of a good thing? How security sprawl can weaken defences

Too much of a good thing? How security sprawl can weaken defences

2 days ago AndyC
Kinsing malware exploits Apache Tomcat on Linux clouds

Kinsing malware exploits Apache Tomcat on Linux clouds

3 days ago AndyC
LogicMonitor launches LM Cost Optimisation tool for businesses

LogicMonitor launches LM Cost Optimisation tool for businesses

3 days ago AndyC
Organisations battle AI risks amid rise in supply chain attacks

Organisations battle AI risks amid rise in supply chain attacks

3 days ago AndyC
AUCloud Ramps Expands its Senior Leadership Team

AUCloud Ramps Expands its Senior Leadership Team

3 days ago AndyC
Cyberattacks exploiting trusted ties spanned over a month in 2023

Cyberattacks exploiting trusted ties spanned over a month in 2023

3 days ago AndyC

You may have missed

Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

4 hours ago AndyC
North Korean Kimsuky used a new Linux backdoor in recent attacks

North Korean Kimsuky used a new Linux backdoor in recent attacks

4 hours ago AndyC
AI's Energy Appetite: Challenges for Our Future Electricity Supply

AI’s Energy Appetite: Challenges for Our Future Electricity Supply

4 hours ago AndyC
Chinese Nationals Arrested for Laundering Million in Pig Butchering Crypto Scam

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

4 hours ago AndyC
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

4 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.