Critical infrastructure security dubbed 'abysmal' by researchers

The “abysmal” state of security for industrial control systems (ICSs) is putting critical services at serious risk, new research finds. 

You only need to look at the chaos caused by a ransomware attack launched against Colonial Pipeline this year — leading to panic buying and fuel shortages across part of the US — to see what real-world disruption cyber incidents can trigger, and their consequences can go far beyond the damage one company has to repair.  

It was only last month that the Port of Houston fended off a cyberattack and there is no reason to believe cyberattacks on operational technology (OT) won’t continue — or, perhaps, become more common. 

On Friday, CloudSEK published a new report exploring ICSs and their security posture in light of recent cyberattacks against industrial, utility, and manufacturing targets. The research focuses on ICSs available through the internet.

“While nation-state actors have an abundance of tools, time, and resources, other threat actors primarily rely on the internet to select targets and identify their vulnerabilities,” the team notes. “While most ICSs have some level of cybersecurity measures in place, human error is one of the leading reasons due to which threat actors are still able

Read More: https://www.zdnet.com/article/critical-infrastructure-security-dubbed-abysmal-by-researchers/#ftag=RSSbaffb68