Kure kure kutyisidzira kune maindasitiri network ari kusimuka panguva yeCOVID-19: Chirevo

Kure kure kushandiswa kwemaindasitiri kudzora system (ICS) kusadzivirirwa kuri kuwedzera, sekuvimba nekusvika kure kumaindasitiri network kunowedzera panguva yeCOVID-19, mutsva wetsvagiridzo kubva kuClaroty unowana.

 

Zvinopfuura makumi manomwe muzana emaindasitiri ekudzora maindasitiri system (ICS) kusasimba kwakaburitswa muhafu yekutanga (1H) ya2020 inogona kushandiswa kure, zvichiratidza kukosha kwekuchengetedza internet-yakatarisana neICS michina uye kure yekubatanidza yekupinda, sekureva kwekutanga.Biannual ICS Risk & Vulnerability Report, yakabudiswa svondo rino naClaroty, nyanzvi yepasi rose mutekinoroji yekushandisa (OT) chengetedzo.

Chirevo ichi chinosanganisira kuongororwa kwechikwata cheClaroty chekusagadzikana kwe365 ICS kwakaburitswa neNational Vulnerability Database (NVD) uye 139 ICS mazano akapihwa neIndustrial Control Systems Cyber ​​Emergency Response Team (ICS-CERT) panguva ya1H 2020, inokanganisa vatengesi makumi mashanu nevatatu.Chikwata cheClaroty chekutsvagisa chakawana makumi maviri nenhanhatu ekusagadzikana kwakasanganisirwa mune iyi data seti.

Zvinoenderana neshumo nyowani, zvichienzaniswa ne1H 2019, kusasimba kweICS kwakaburitswa neNVD kwakawedzera ne10.3% kubva pa331, nepo ICS-CERT mazano akawedzera ne32.4% kubva pa105. System (CVSS) zvibodzwa.

"Kune ruzivo rwakakura rwenjodzi dzinounzwa nekusagadzikana kweICS uye kutarisisa kwakasimba pakati pevaongorori nevatengesi kuti vaone nekugadzirisa kusagona uku nenzira inobudirira uye nemazvo sezvinobvira," akadaro Amir Preminger, VP wetsvagiridzo kuClaroty.

Akawedzera kuti, "Takaona kukosha kwakakosha kwekunzwisisa, kuongorora, uye kuzivisa nezvehuwandu hweICS njodzi uye kusagadzikana kwenzvimbo kubatsira nharaunda yese yekuchengetedza yeOT.Zvatinowana zvinoratidza kukosha kwazvakaita kuti masangano achengetedze hukama hwekusvika kure uye neinternet-yakatarisana nemidziyo yeICS, uye kudzivirira kubva kune phishing, spam, uye ransomware, kuitira kudzikisira uye kudzikisira zvinogona kuitika mukutyisidzira uku. "

Sekureva kwemushumo, anopfuura makumi manomwe muzana ekusagadzikana kwakaburitswa neNVD kunogona kushandiswa kure, kusimbisa chokwadi chekuti mhepo-yakavharwa ICS network izere.kuparadzaniswa nekutyisidzira kwecyberzvave zvisina kujairika.

Pamusoro pezvo, iyo yainyanya kukonzeresa yaive kure kodhi kuuraya (RCE), inogoneka ne49% yekusagadzikana - ichiratidza mukurumbira wayo senzvimbo inotungamira yekutarisa mukati meOT kuchengetedza tsvakurudzo nharaunda - inoteverwa nekugona kuverenga data rekushandisa (41%). , kukonzera kunyimwa kwebasa (DoS) (39%), uye nzira dzekudzivirira dzinopfuura (37%).

Tsvagiridzo iyi inoona mukurumbira wekushandiswa kure kwakawedzerwa nekukurumidza kwekuchinja kwepasirese kune vashandi vari kure uye nekuwedzera kuvimba nekusvika kure kune ICS network.mukupindura dambudziko reCOVID-19.

Sekureva kwemushumo, magetsi, kugadzirwa kwakakosha, uye mvura uye marara ezvivakwa zvikamu zvakanyanya kukanganiswa nekusagadzikana kwakaburitswa muICS-CERT mazano panguva ye1H 2020. , simba raive ne236, kugadzirwa kwakakosha kwaiva ne197, uye mvura nemvura yakasvibiswa yakanga ine 171. Zvichienzaniswa ne1H 2019, mvura uye mvura yakasvibiswa yakawana kuwedzera kukuru kweCVEs (122.1%), asi kugadzirwa kwakakosha kwakawedzera ne87.3% uye simba ne58.9%.

Tsvagiridzo yeClaroty yakawana kusakwana makumi maviri nenhanhatu ICS yakaburitswa muna 1H 2020, ichiisa pamberi pekunetsekana kwakanyanya kana njodzi huru inogona kukanganisa kuwanikwa, kuvimbika, uye kuchengetedzeka kwemashandiro emaindasitiri.Chikwata ichi chakatarisana nevatengesi veICS uye zvigadzirwa zvine mabhesi makuru ekuisa, mabasa akakosha mukushanda kwemaindasitiri, uye ayo anoshandisa mapuroteni umo Claroty vanotsvaga vane hunyanzvi hwakakura.Mutsvaguri anoti kusagadzikana uku makumi maviri nenhanhatu kunogona kuve nekukanganisa kwakakomba kune akakanganisika OT network, nekuti anopfuura makumi matanhatu muzana anogonesa imwe nzira yeRCE.

Kune vazhinji vevatengesi vakakanganisika nezvakawanikwa naClaroty, iyi yaive yekutanga kutaurwa kusagadzikana kwavo.Nekuda kweizvozvo, ivo vakaenderera mberi nekugadzira zvikwata zvekuchengetedza zvakazvitsaurira uye maitiro ekugadzirisa kukwira kwekusaona njodzi nekuda kwekusangana kweIT neOT.

Kuti uwane iyo yakazara seti yezviwanikwa uye yakadzama ongororo,download theClaroty Biannual ICS Risk & Vulnerability Report: 1H 2020here.

 


Nguva yekutumira: Sep-07-2020