Rashin lahani na tsarin sarrafa masana'antu (ICS) mai nisa yana ƙaruwa, yayin da dogaro ga samun damar nesa da hanyoyin sadarwa na masana'antu yana ƙaruwa yayin COVID-19, sabon rahoton bincike daga Claroty ya gano.
Fiye da kashi 70% na raunin tsarin kula da masana'antu (ICS) da aka bayyana a farkon rabin (1H) na 2020 za a iya amfani da su daga nesa, yana nuna mahimmancin kare na'urorin ICS masu fuskantar intanet da hanyoyin shiga nesa, bisa ga ƙaddamarwar.Rahoton Hadarin ICS & Rauni na Biyu, saki a wannan makon taClaroty, masanin duniya aFasahar aiki (OT) tsaro.
Rahoton ya ƙunshi kimantawar ƙungiyar bincike ta Claroty game da raunin ICS 365 da Cibiyar Kula da Lafiya ta Kasa (NVD) ta buga da kuma shawarwarin ICS 139 da Cibiyar Ba da Agajin Gaggawa ta Cyber (ICS-CERT) ta bayar a lokacin 1H 2020, yana shafar dillalai 53.Ƙungiyar binciken Claroty ta gano 26 daga cikin raunin da ke tattare da wannan saitin bayanai.
Dangane da sabon rahoton, idan aka kwatanta da 1H 2019, raunin ICS da NVD ta buga ya karu da 10.3% daga 331, yayin da shawarwarin ICS-CERT ya karu da 32.4% daga 105. Fiye da 75% na raunin rauni an sanya su babba ko mahimmancin Sakamako na gama gari. Tsarin (CVSS) maki.
Amir Preminger, VP na bincike a Claroty ya ce "Akwai kara wayar da kan jama'a game da hadarin da ke tattare da raunin ICS da kuma mayar da hankali sosai a tsakanin masu bincike da dillalai don ganowa da gyara wadannan raunin yadda ya kamata da kuma yadda ya kamata," in ji Amir Preminger, VP na bincike a Claroty.
Ya kara da cewa, "Mun fahimci mahimmancin bukatu don fahimta, kimantawa, da bayar da rahoto game da cikakken hadarin ICS da yanayin rauni don amfanar dukkanin al'ummomin tsaro na OT.Abubuwan da muka gano sun nuna muhimmancin da ke da mahimmanci ga ƙungiyoyi su kare hanyoyin shiga nesa da na'urorin ICS masu fuskantar intanet, da kuma kariya daga phishing, spam, da ransomware, domin ragewa da rage tasirin waɗannan barazanar."
A cewar rahoton, sama da kashi 70% na raunin da NVD ta buga za a iya amfani da su daga nesa, wanda ke ƙarfafa gaskiyar cewa cibiyoyin sadarwa na ICS masu cike da iska.ware daga barazanar yanar gizosun zama ba a saba gani ba.
Bugu da ƙari, babban tasirin da ya fi dacewa shine aiwatar da lambar nesa (RCE), mai yiwuwa tare da 49% na raunin rauni - yana nuna fifikonsa a matsayin babban yanki na mayar da hankali a cikin al'ummar binciken tsaro na OT - sannan ikon karanta bayanan aikace-aikacen (41%). , haifar da ƙin sabis (DoS) (39%), da hanyoyin kariya ta hanyar wucewa (37%).
Binciken ya gano ficewar yin amfani da nesa ya ta'azzara saboda saurin sauye-sauyen duniya zuwa ma'aikata mai nisa da kuma karuwar dogaro ga samun damar shiga hanyoyin sadarwa na ICS.a matsayin martani ga annobar COVID-19.
A cewar rahoton, sassan makamashi, masana'antu masu mahimmanci, da ruwa da samar da ababen more rayuwa sun kasance mafi tasiri ta hanyar lahani da aka buga a cikin shawarwarin ICS-CERT yayin 1H 2020. Daga cikin 385 na musamman na ɓangarorin gama gari da Bayyanawa (CVEs) waɗanda aka haɗa a cikin shawarwarin. , makamashi yana da 236, masana'antu mai mahimmanci yana da 197, kuma ruwa da ruwa mai tsabta yana da 171. Idan aka kwatanta da 1H 2019, ruwa da ruwan sha sun sami karuwa mafi girma na CVEs (122.1%), yayin da masana'antu masu mahimmanci sun karu da 87.3% da makamashi da 58.9%.
Binciken Claroty thham ya gano raunin raunin ICS 26 da aka bayyana yayin 1H 2020, yana ba da fifiko mai mahimmanci ko haɗari mai haɗari wanda zai iya shafar samuwa, dogaro, da amincin ayyukan masana'antu.Ƙungiyar ta mai da hankali kan dillalai na ICS da samfuran da ke da sansanoni masu yawa, ayyuka masu mahimmanci a cikin ayyukan masana'antu, da waɗanda ke amfani da ka'idoji waɗanda masu binciken Claroty ke da ƙwarewa sosai.Mai binciken ya ce waɗannan raunin 26 na iya yin tasiri mai tsanani akan hanyoyin sadarwar OT da abin ya shafa, saboda fiye da 60% suna ba da damar wani nau'i na RCE.
Ga da yawa daga cikin dillalan da binciken Claroty ya shafa, wannan shine farkon raunin da aka ruwaito.Sakamakon haka, sun ci gaba da ƙirƙirar ƙungiyoyin tsaro na sadaukarwa da matakai don magance haɓakar gano rashin lahani saboda haɗuwar IT da OT.
Don samun damar cikakken tsarin binciken da bincike mai zurfi,download daClaroty Biannual ICS Hadarin & Rahotan Rauni: 1H 2020nan.
Lokacin aikawa: Satumba-07-2020