Almost half of cyberattacks to Spanish industries can be perpetrated by hackers with low knowledge.
- 84% of attacks are exploitable remotely.
- Only 20% of vulnerabilities require deep knowledge of hacking.
- Only 14% of potential risks are discovered by hardware manufacturers.
Madrid, April 14, 2016. 47% of vulnerabilities in Critical Infrastructures can be overcome by hackers with a low level of specialized knowledge, according to the "Fourth Report on the protection of critical infrastructures" carried out by S2 Grupo, a 100% Spanish company specialized in cybersecurity.
The same study reveals that only 20% of potential attacks on critical infrastructures require a high level of specialized knowledge. The "Fourth Report on Critical Infrastructure Protection" focused on the analysis of industrial process automation systems ICS (Industrial Control System), devices that are currently largely dependent on the Spanish industrial infrastructure, which are very susceptible to receiving cyberattacks.
This type of infrastructure is called "critical" because of the strong socio-economic impact of having a service failure. They also have potentially vulnerable software and hardware by cybercriminals. For its part, 84% of the vulnerabilities analyzed in the ICS can be exploited remotely.
"This is a very high number and it is worrisome, since the attackers do not need to be physically close to the industry they want to hack", says José Rosell, Managing Partner of S2 Grupo. Although most of the vulnerabilities detected by the S2 Grupo report in major industrial control systems manufacturers have patches that reduce insecurity to the "medium risk" category, 43% of the vulnerabilities of the ICSs for which there is still no proposed solution presents a high risk. Higher severity presents the status of hardware or protocol categories, since 86% of potential vulnerabilities do not have a security patch, so the only feasible solution to prevent attacks is to isolate them completely from ICS. In general, the lack of security measures in the form of patches in these computers is due to their long life.
This is because many devices that are active in the market were designed years ago and even decades, so they do not have the means to update their firmware. Intervention by third party specialists Only 14% of the vulnerabilities are discovered by the critical infrastructure hardware manufacturers themselves.
Therefore, it is important to have the intervention of specialists in cybersecurity in the guarantees and maintenance contracts signed with the manufacturers. The risk level of programmable logic controllers (PLCs) is mostly high, at 54%. Almost the other half of the pie, 46% have a low risk, while low-risk PLCs are practically nonexistent.
As for its typology, the most widespread vulnerabilities in critical infrastructures are Denial of Service (DoS), which represent 29% of the total, followed by Authentication / Password Management attacks, which account for 21% of the spectrum analyzed by S2 Grupo. "The investigation of cyberattacks to critical infrastructures is just as incipient as it is necessary. In fact, most of the potential vulnerabilities in ICS are still waiting to be discovered and therefore constitute a latent threat to the users of these systems and the organizations that depend on them", says José M. Rosell.