FireEye highlights vulnerabilities in Industrial Control Systems

Since 2000, FireEye has identified 1,600 publicly disclosed vulnerabilities

Tags: Cyber crimeFireEye (www.fireeye.com)
  • E-Mail
FireEye highlights vulnerabilities in Industrial Control Systems FireEye stated that many of these vulnerabilities are left unpatched and some are simply beyond restoration due to outdated technology.
By  Aasha Bodhani Published  August 8, 2016

Cybersecurity firm FireEye has revealed it identified almost 1,600 publicly disclosed Industrial Control Systems (ICS) vulnerabilities since 2000.

Its latest report, "Overload: Critical Lessons from 15 Years of ICS Vulnerabilities", highlights trends in total ICS vulnerability disclosures, patch availability, vulnerable device type and other vulnerabilities exploited by threat actors.

FireEye stated that many of these vulnerabilities are left unpatched and some are simply beyond restoration due to outdated technology, which in effect increases the attack surface for potential adversaries. Furthermore, nation-state cyber threat actors have exploited five of these vulnerabilities in attacks in since 2009.

Other key findings reveal that ICS vulnerability disclosures surged 49% between 2014 and 2015, 33% of vulnerabilities encountered by industrial environments had no vendor fixes and 123 vendors were affected by vulnerability disclosures.

In the past, such vulnerabilities has hit electric grids, water supplies and production lines, plus security personnel from manufacturing, energy, water and other industries are often unaware of their own control system assets and what may affect them, leaving them exposed to potential threats.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code