Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

3/26/2014
06:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SANS Report Shows Jump In Attacks On Industrial Control Systems

More Breaches Identified; Vulnerability Detection Limited; Shared Responsibility

BETHESDA, Md., March 25, 2014 /PRNewswire-USNewswire/ -- SANS today announced results of its 2014 Survey on control system security), sponsored by Qualys, Raytheon, Sourcefire, and Tenable Network Security, in which 268 IT professionals answered questions about their overall risk awareness, trends in threats and breaches, and effective means to mitigate vulnerabilities with regard to supervisory control and data acquisition (SCADA)/industrial control systems (ICS).

"Attacks on control systems are on the rise," says Matt Luallen, SANS Analyst and author of this survey. "Budgets for cybersecurity in SCADA ICS environments remain very slim, and organizations continue to be dependent on limited resources and staffing to detect breaches and attacks."

In the year since SANS' last survey on this topic, the number of entities with identified or suspected security breaches has increased from 28% to nearly 40%.
Only 9% can say with surety that they haven't been breached.

Organizations want to be able to protect their systems and assets, which include computer systems, networks, embedded controllers, control system communication protocols and various physical assets. Respondents also noted they strive to protect public safety; increase leadership risk awareness; and expand controls pertaining to asset identification, communication channels and centralized monitoring.

Still, many organizations do not or cannot collect data from some of the most critical SCADA and ICS assets, and many depend on trained staff, not tools, to detect issues. Alarmingly, according to the survey, 16% have no process in place to detect vulnerabilities.

Interestingly, the survey noted a merging of ICS security and IT security.
"Respondents indicated that ICS security is being performed by specialists reporting to both engineering and IT," says Derek Harp, business operations lead for ICS programs at SANS. "This places a real priority on cross-departmental coordination, effectively bridging competencies and building (as well as
assessing) skill in an organized manner."

Results and insights surrounding control system cybersecurity will be released during a webcast on Tuesday, April 1, at 1 PM EST. To register for the complimentary webcast please visit: http://www.sans.org/info/155470

Those who register for these webcasts will be given access to an advanced copy of the associated report developed by Matt Luallen.

The SANS Analyst Program, www.sans.org/reading_room/analysts_program, is part of the SANS Institute.

Tweet this: #SCADA #ICS security pros reveal major issues, concerns in new @SANSInstitute survey report. Webcast April 1 http://bit.ly/ctl-sys-security

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest source for world-class information security training and security certification in the world, offering over 50 training courses each year. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 27 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.
(www.SANS.org)

SOURCE SANS Institute

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.