Chiwopsezo chogwiritsa ntchito makina ogwiritsira ntchito mafakitale (ICS) chikuchulukirachulukira, chifukwa kudalira mwayi wopezeka pa intaneti kumachulukirachulukira panthawi ya COVID-19, lipoti latsopano lofufuza kuchokera ku Claroty wapeza.
Zopitilira 70% zowopsa zamakina owongolera mafakitale (ICS) zomwe zidawululidwa mu theka loyamba (1H) la 2020 zitha kugwiritsidwa ntchito kutali, ndikuwonetsa kufunikira koteteza zida za ICS zoyang'ana pa intaneti komanso kulumikizana kwakutali, malinga ndi kutsegulira.Biannual ICS Risk & Vulnerability Report, yotulutsidwa sabata ino ndiClaroty, katswiri wapadziko lonse lapansiteknoloji yogwira ntchito (OT) chitetezo.
Lipotilo lili ndi kuwunika kwa gulu la Claroty pavulnerability 365 ICS lofalitsidwa ndi National Vulnerability Database (NVD) ndi upangiri 139 ICS woperekedwa ndi Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) mu 1H 2020, zomwe zimakhudza ogulitsa 53.Gulu lofufuza la Claroty lapeza zovuta 26 zomwe zikuphatikizidwa mu seti iyi.
Malinga ndi lipoti latsopanoli, poyerekeza ndi 1H 2019, kusatetezeka kwa ICS kofalitsidwa ndi NVD kudakwera ndi 10.3% kuchokera ku 331, pomwe upangiri wa ICS-CERT udakwera ndi 32.4% kuchokera pa 105. Zotsatira za System (CVSS).
"Pali kuzindikira kwakukulu za kuopsa kwa kusatetezeka kwa ICS komanso kuyang'ana kwakukulu pakati pa ofufuza ndi ogulitsa kuti azindikire ndi kuthetsa ziwopsezozi moyenera komanso moyenera momwe angathere," atero Amir Preminger, Wachiwiri kwa Wachiwiri kwa kafukufuku ku Claroty.
Ananenanso kuti, "Tidazindikira kufunikira kofunikira kumvetsetsa, kuwunika, ndikupereka lipoti pazowopsa za ICS komanso kusatetezeka kuti tipindule ndi gulu lonse lachitetezo la OT.Zomwe tapeza zikuwonetsa kufunikira kwa mabungwe kuti ateteze kulumikizana kwakutali ndi zida za ICS zoyang'ana pa intaneti, komanso kuteteza ku phishing, spam, ndi ransomware, kuti achepetse ndikuchepetsa zomwe ziwopsezozi zingachitike. ”
Malinga ndi lipotilo, zowopsa zopitilira 70% zofalitsidwa ndi NVD zitha kugwiritsidwa ntchito kutali, kutsimikizira kuti maukonde a ICS opanda mpweya omwe ali.otalikirana ndi ziwopsezo za pa intanetizakhala zachilendo kwambiri.
Kuonjezera apo, zomwe zingakhudzidwe kwambiri zinali kugwiritsa ntchito ma code akutali (RCE), zotheka ndi 49% ya zofooka - kusonyeza kutchuka kwake monga malo otsogolera mkati mwa gulu lofufuza za chitetezo cha OT - kutsatiridwa ndi kutha kuwerenga deta (41%). , chifukwa chokana ntchito (DoS) (39%), ndi njira zotetezera zodutsa (37%).
Kafukufukuyu akuwonetsa kuti kutchuka kwa kugwiritsidwa ntchito kwakutali kwakulitsidwa chifukwa chakusintha kwachangu kwapadziko lonse kupita kwa anthu ogwira ntchito akutali komanso kudalira kochulukira kofikira kutali ndi ma network a ICS.pothana ndi mliri wa COVID-19.
Malinga ndi lipotili, gawo lamphamvu, kupanga zovuta, komanso madzi ndi madzi akuwonongeka ndizomwe zidakhudzidwa kwambiri ndi zofooka zomwe zidasindikizidwa mu upangiri wa ICS-CERT pa 1H 2020. , mphamvu inali ndi 236, kupanga kofunikira kunali ndi 197, ndipo madzi ndi madzi onyansa anali ndi 171. Poyerekeza ndi 1H 2019, madzi ndi madzi otayira adakumana ndi kuwonjezeka kwakukulu kwa CVEs (122.1%), pamene kupanga kwakukulu kunawonjezeka ndi 87.3% ndi mphamvu ndi 58.9%.
Kafukufuku wa Claroty adapeza zovuta 26 za ICS zomwe zidawululidwa mu 1H 2020, ndikuyika patsogolo ziwopsezo zazikulu kapena zoopsa zomwe zingakhudze kupezeka, kudalirika, ndi chitetezo chamakampani.Gululi limayang'ana kwambiri mavenda a ICS ndi zinthu zokhala ndi zoyambira zazikulu, maudindo ofunikira pantchito zamafakitale, ndi omwe amagwiritsa ntchito ma protocol omwe ofufuza a Claroty ali ndi ukadaulo wochulukirapo.Wofufuzayo akuti zofooka za 26 izi zitha kukhala ndi vuto lalikulu pama network a OT omwe akhudzidwa, chifukwa opitilira 60% amathandizira mtundu wina wa RCE.
Kwa ogulitsa ambiri omwe akhudzidwa ndi zomwe Claroty adapeza, uku kunali kusatetezeka kwawo koyamba.Zotsatira zake, adapanga magulu odzitetezera odzipatulira ndi njira zothanirana ndi zomwe zikuwonekera pachiwopsezo chifukwa cholumikizana kwa IT ndi OT.
Kuti mupeze mndandanda wathunthu wazopezeka ndi kusanthula mozama,download ndiLipoti la Claroty Biannual ICS Risk & Vulnerability: 1H 2020Pano.
Nthawi yotumiza: Sep-07-2020
