"Industrial (Remote) Control: RCE Vulnerabilities for ICS Suggest the Air Gap is Gasping its Last"
The operational technology (OT) specialist Claroty released a new biannual threat report based on the assessment of 365 Industrial Control System (ICS) vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories released by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in H1. According to the report, over 70% of the vulnerabilities disclosed in the first half of 2020 can be exploited by attackers remotely, further emphasizing the importance of improving the protection of remote access connections. This article continues to discuss key findings shared by the report regarding the number of ICS vulnerabilities disclosed in the first half of 2020 compared to that of 2019, the top vendors affected by vulnerabilities published by the NVD, the most impacted infrastructure sectors, and how remote access connections could be protected.