RISI: ICS Attacks Start via Remote Access

Wednesday, April 11, 2012 @ 06:04 PM gHale


Just around 35% of industrial control system (ICS) security incidents initiate through remote access, said a new report focusing on the manufacturing automation market.

Supporting this finding is the Repository for Industrial Security Incidents (RISI) survey results saying nearly 65% of facilities allow remote access to their control systems. These findings and more are in the just released “2011 Annual Report on Cyber Security Incidents and Trends Affecting Industrial Control Systems.”

RELATED STORIES
RISI Report: End Users Suffer Hits
Water Plant Cyber Incident Cause for Alarm
Help Secure the Industry
Malware Report: Learn from Past Attacks

RISI is an industry-wide repository for collecting, analyzing, and sharing information regarding cyber security incidents that directly affect industrial control and supervisory control and data acquisition (SCADA) systems. Industrial automation system suppliers, end-users and international government agencies and research institutes have been relying on RISI since 2009 to provide them with insight into the trends affecting ICS security. RISI data sees use for business justification, risk analysis and a variety of research projects.

ICS and SCADA security has been a serious concern for over a decade but has come under increased scrutiny following the discovery of the Stuxnet virus in 2010 and the Duqu virus in 2011. Both of these viruses specifically targeted industrial control systems.

The 80-page 2011 Annual Report includes detailed analysis of the 220 incidents recorded in the RISI database ranging from 2001 through the end of 2011. The analysis identifies where and when the incidents occurred, while also identifying the types of incidents and the threat agents that executed them including the methods and techniques used to gain entry. The financial and operational impact on the “victims” is also part of the analysis.

The report also includes detailed results and analysis from the first annual RISI Control System Security Benchmark Survey.

The survey data provides insight into the current state of control system security especially when compared with the data regarding actual incidents. RISI data indicates the percentage of control system security incidents caused by malware, while still very high (28%), has been steadily declining over the last 5 years. This trend gains support through the data that indicates more than 60% of facilities have implemented patch and anti-malware management programs.

Click here to get a discount on the report or with a company or corporate membership.



Leave a Reply

You must be logged in to post a comment.