Nuglaanta nidaamka wershadaha sida fog looga faa'iidaysan karo (ICS) ayaa kor u sii kacaya, iyadoo ku tiirsanaanta marinka fog ee shabakadaha warshadaha ay korodho inta lagu jiro COVID-19, warbixin cilmi baaris cusub oo ka soo baxday Claroty ayaa ogaatay.
In ka badan 70% dayacanka nidaamka kantaroolka warshadaha (ICS) ee la shaaciyay qeybtii hore (1H) ee 2020 ayaa laga faa'iidaysan karaa meel fog, iyadoo la muujinayo muhiimada ay leedahay ilaalinta aaladaha ICS-ka ee soo jeeda internet-ka iyo isku xirka fogaanta, sida ku cad furitaankaKhatarta ICS ee Sannadlaha ah & Warbixinta Nuglaanta, oo toddobaadkan la sii daayayClaroty, khabiir caalami ah oo ku takhasusayilaalinta tignoolajiyada hawlgalka (OT).
Warbixintu waxay ka kooban tahay qiimaynta kooxda cilmi-baadhista Claroty ee 365 dayacanka ICS ee ay daabacday Xogta Nuglaanta Qaranka (NVD) iyo 139 talobixin ICS ah oo ay soo saartay Kooxda Kajawaabista Degdegga ah ee Nidaamyada Xakamaynta Warshadaha (ICS-CERT) intii lagu jiray 1H 2020, saamaynaya 53 iibiyayaal.Kooxda cilmi-baarista Claroty waxay ogaadeen 26 ka mid ah dayacanka ku jira xogtan.
Marka loo eego warbixinta cusub, marka la barbar dhigo 1H 2019, dayacanka ICS ee ay daabacday NVD ayaa kordhay 10.3% marka loo eego 331, halka la-talinta ICS-CERT ay kordheen 32.4% halkii ay ka ahayd 105. In ka badan 75% dayacanka ayaa loo qoondeeyay dhibco sare ama mid daran. Dhibcaha Nidaamka (CVSS).
"Waxaa jira wacyigelin sare oo ku saabsan khatarta ay keenayaan dayacanka ICS iyo diiradda la saaray ee cilmi-baarayaasha iyo iibiyeyaasha si loo aqoonsado oo loo hagaajiyo jilicsanaantan sida ugu waxtarka badan iyo waxtarka leh ee suurtogalka ah," ayuu yiri Amir Preminger, VP ee cilmi-baarista Claroty.
Waxa uu intaas ku daray, “Waxa aanu aqoonsannay baahida muhiimka ah ee ah in la fahmo, la qiimeeyo, oo laga warbixiyo khatarta ICS ee dhammaystiran iyo muuqaalka dayacan si looga faa'iidaysto dhammaan bulshada ammaanka OT.Natiijooyinkayadu waxay muujinayaan sida ay muhiim ugu tahay ururadu inay ilaaliyaan isku-xidhka fogaanta iyo aaladaha ICS-ka ee soo-jeeda internet-ka, iyo inay ka ilaaliyaan phishing, spam, iyo ransomware, si loo yareeyo loona yareeyo saamaynta ka iman karta khatarahaas. "
Sida laga soo xigtay warbixinta, in ka badan 70% dayacanka ay daabacday NVD ayaa laga faa'iidaysan karaa meel fog, taas oo xoojinaysa xaqiiqda ah in shabakadaha ICS ee hawada ka maqan yihiin.laga soocay hanjabaadaha internetkawaxay noqdeen wax aan caadi ahayn.
Intaa waxaa dheer, saameynta ugu caansan ee suurtagalka ah waxay ahayd fulinta code fog (RCE), oo suurtagal ah 49% ee dayacanka - taasoo ka tarjumaysa caannimadeeda inay tahay meesha ugu horeysa ee diiradda la saarayo bulshada cilmi-baarista amniga ee OT - oo ay ku xigto awoodda akhrinta xogta codsiga (41%) , sababa diidmada adeegga (DoS) (39%), iyo hababka ilaalinta ee dhaafka (37%).
Cilmi-baadhistu waxay ogaatay in caannimada ka faa'iidaysiga fog ay uga sii dartay isbeddelka degdegga ah ee caalamiga ah ee loo beddelayo xoog shaqaale fog iyo kororka ku tiirsanaanta gelitaanka fog ee shabakadaha ICSsi looga jawaabo faafitaanka COVID-19.
Sida warbixinta lagu sheegay, qaybaha tamarta, wax soo saarka muhiimka ah, iyo biyaha iyo kaabayaasha biyaha wasakhda ah ayaa ilaa hadda inta ugu badan ay saameeyeen dayacanka lagu daabacay la-talinta ICS-CERT intii lagu jiray 1H 2020. , Tamartu waxay lahayd 236, wax soo saarka muhiimka ah wuxuu lahaa 197, biyaha iyo biyaha wasakhduna waxay lahaayeen 171. Marka la barbardhigo 1H 2019, biyaha iyo biyaha wasakhda ah waxay la kulmeen kororka ugu weyn ee CVEs (122.1%), halka wax soo saarka muhiimka ah uu kordhay 87.3% iyo tamarta 58.9%.
Cilmi-baadhista Claroty tham waxay ogaatay dayacanka 26 ICS ee la shaaciyay intii lagu jiray 1H 2020, iyada oo mudnaanta la siinayo dayacanka halista ah ama khatarta sare leh ee saameyn kara helitaanka, isku halaynta, iyo badbaadada hawlgallada warshadaha.Kooxdu waxay diiradda saartay iibiyeyaasha ICS iyo alaabooyinka leh saldhigyo rakiban oo ballaadhan, doorarka muhiimka ah ee hawlaha warshadaha, iyo kuwa adeegsada borotokoolka taas oo cilmi-baarayaasha Claroty ay khibrad weyn u leeyihiin.Cilmi-baaraha ayaa sheegay in 26-da dayacan ay saameyn xun ku yeelan karaan shabakadaha OT ee saameeyay, sababtoo ah in ka badan 60% ayaa awood u leh nooc ka mid ah RCE-da.
Qaar badan oo ka mid ah iibiyayaasha ay saamaysay sahaminta Claroty, tani waxay ahayd baylahdoodii ugu horreysay ee la soo sheegay.Natiijadu waxay tahay, waxay ku dhaqaaqeen inay abuuraan kooxo ammaan oo u go'ay iyo habab si ay wax uga qabtaan ogaanshaha sii kordhaya ee dayacanka iyadoo ay ugu wacan tahay isku dhafka IT iyo OT.
Si aad u hesho natiijada dhammaystiran iyo falanqayn qotodheer,soo dejisoClaroty Biannual ICS Khatarta & Warbixinta Nuglaanta: 1H 2020halkan.
Waqtiga boostada: Seb-07-2020
