CloudSEK<\/a> published a new report exploring ICSs and their security posture in light of recent cyberattacks against industrial, utility, and manufacturing targets. The research focuses on ICSs available through the internet.<\/p>\n“While nation-state actors have an abundance of tools, time, and resources, other threat actors primarily rely on the internet to select targets and identify their vulnerabilities,” the team notes. “While most ICSs have some level of cybersecurity measures in place, human error is one of the leading reasons due to which threat actors are still able to compromise them time and again.” <\/p>\n
Some of the most common issues allowing initial access cited in the report include weak or default credentials, outdated or unpatched software vulnerable to bug exploitation, credential leaks caused by third parties, shadow IT, and the leak of source code. <\/p>\n
After conducting web scans for vulnerable ICSs, the team says that “hundreds” of vulnerable endpoints were found. <\/p>\n <\/section>\nCloudSEK highlighted four cases that the company says represents the current issues surrounding industrial and critical service cybersecurity today: <\/p>\n
An Indian water supply management company:<\/strong> Software accessible with default manufacturer credentials allowed the team to access the water supply management platform. Attackers could have tampered with water supply calibration, stop water treatments, and manipulate the chemical composition of water supplies. <\/p>\n<\/span>![\"screenshot-2021-10-12-at-16-23-48.png\"](\"https:\/\/www.zdnet.com\/a\/img\/resize\/d9067b98677331c889877d723b45c46f608d3ee6\/2021\/10\/12\/6f99a4d2-071b-4337-8f8d-713c2abc16a7\/screenshot-2021-10-12-at-16-23-48.png?fit=bounds&auto=webp\")