91 per cent of Industrial Control Systems found vulnerable

Kaspersky has released its report on threats to Industrial Control Systems (ICS), which revealed that large organisations are the most at threat as they have the most ICS components connected to the internet. The research found 188,019 hosts with ICS components available via the internet, across 170 different countries.

According to Kaspersky, 91.1 per cent of these hosts have vulnerabilities that can be exploited remotely. Most (87 per cent) have medium risk vulnerabilities and seven per cent have critical vulnerabilities. The majority of remotely available hosts with ICS components installed are located in the US and Europe.Figure_5._ICS_availability_by_country_(Top-20)

The report also revealed that 91.6 per cent of all the externally available ICS components were found to have weak internet connection protocols, which opens the opportunity for attackers to conduct ‘man in the middle’ attacks, according to Kaspersky.  The most vulnerable ICS components were found to be HMIs, electric devices and SCADA systems.

Graphic: Businesswire.