Armis has released new research analysing the threat that various devices pose to the manufacturing, utilities, and transportation critical infrastructure industries. Data from the Armis Asset Intelligence and Security Platform, which tracks over three billion assets, found that the operational technology (OT) and industrial control systems (ICS) devices that present the highest risk to these industries are engineering workstations, SCADA servers, and uninterruptible power supply devices.
The research found that engineering workstations are the OT device type that received the most attack attempts in the industry in the past two months, followed by SCADA servers. 56 percent of engineering workstations have at least one unpatched critical-severity Common Vulnerabilities and Exposures (CVE) entry, and 16 percent are susceptible to at least one weaponized CVE published more than 18 months ago.
Uninterruptible power supplies (UPS) are the device type with the third-highest number of attack attempts in the past two months. Although UPS devices are critical for business continuity in the event of a power outage, the data showed that 60 percent of them have at least one unpatched critical-severity CVE, which could potentially let criminals cause physical damage to the device itself or to other assets connected to it.
OT industries are characterized by multiple locations, multiple lines of production, and complex distribution lines, with a vast number of both managed and unmanaged devices on their networks. In that context, understanding where risk comes from and where remediation is needed presents a significant challenge and can be an obstacle to vulnerability management, creating an entry point for malicious actors.
The need for collaboration between OT and IT teams
OT industries have changed significantly in recent years due to the convergence of OT and information technology. This alignment is driving a new phase for the industrial era and will enable cross-domain collaboration but, in practice, unified management of both environments has yet to take place. With OT teams focused on maintaining industrial control systems, mitigating risks to OT, and ensuring overall integrity within operational environments, more IT-focused duties have been left aside.
"From an organizational perspective, having a risk-based approach to vulnerability management must go hand in hand with OT and IT departments working together to help coordinate mitigation efforts," said Nadir Izrael, CTO and Co-founder of Armis. "Cross-departmental projects will help streamline process and resource management and achieve greater compliance and data security. Overall, to navigate the challenges of the new industrial era, security professionals need an IT/OT convergence security solution that shields all assets connected to the network."