Boundary Protection Top ICS Weaknesses

Monday, July 17, 2017 @ 02:07 PM gHale


For the third straight year, ICS-CERT assessment teams found weaknesses related to boundary protection to be the most prevalent.

Weaknesses related to the principal of least functionality were the second most commonly discovered issues, as was the case in FY 2015, according to the ICS-CERT Annual Assessment Report.

RELATED STORIES
Critical Infrastructure Attacks Ongoing
Ransomware Attack Part II
WannaCry Shuts Honda Plant
‘Hidden Cobra’ Warning Issued by Feds

Year-over-year comparisons discovered weaknesses, in order of prevalence, from FY 2014-16. While least privilege and allocation of resources categories fell out of the top six weaknesses (they were fourth and fifth in FY 2015), in FY 2016 they were ranked seventh and eighth, respectively.

These changes may be due to the year-over-year variances in the types of assets assessed rather than to shifts in the overarching ICS cybersecurity posture.

Cyber incidents at home and abroad in FY 2016 highlighted the continued and significant risks associated with cyber-attacks on industrial control systems (ICS).To meet new and existing cybersecurity challenges, ICS-CERT redoubled efforts to provide users with comprehensive assessments of their ICS cybersecurity posture, arming them with understanding of their cyber vulnerabilities and with the expert guidance they need to mitigate ICS cyber threats.

The third ICS-CERT Annual Assessment Report captures the Assessment team’s consolidated discoveries and activities throughout the year.

The report summarizes key issues and provides year-over-year vulnerability comparisons across critical infrastructure (CI) sectors.



Leave a Reply

You must be logged in to post a comment.