"Utilities ‘Concerningly’ at Risk from Active Exploits"

Utilities’ vulnerability to application exploits goes from bad to worse in just weeks. The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months. A new report from WhiteHat Security measured the amount of time a sector remained vulnerable to a known application exploit out in the wild, a metric they call an industry’s window of exposure (WoE). The researchers found the WoE for the utility sector climbed from 55 percent two months ago to 67 percent last month. The researchers stated that application specific attacks are equally prevalent, if not more likely, than ransomware. Application weakness is an easy backdoor for the installation of ransomware, especially given the high-impact nature of the ransomware in utilities. The spike in WoE for the utility sector is attributable to several factors. According to researchers, the first is a shift of clunky legacy systems into internet-facing applications. In essence, the legacy systems were never meant to be internet-facing, and now they are, the researchers stated.

Threatpost reports: "Utilities ‘Concerningly’ at Risk from Active Exploits"