91% of industrial organizations can be penetrated by hackers
More than nine in 10 industry organizations (91%) are vulnerable to cyber attacks, according to a new report from Positive Technologies.
The study found that external attackers can penetrate the corporate network in all of these organizations and, once inside, can gain user credentials and full control over the infrastructure in 100%. cases. In more than two-thirds (69%) of these cases, external attackers can steal sensitive data from the organization, including information about the company’s partners and employees and internal documentation.
Additionally, Positive Technologies penetration testers gained access to the technology segment of the network for 75% of organizations. This then gave them access to industrial control systems (ICS) in 56% of cases.
Once malicious actors gain access to ICS components, they have the potential to cause serious damage and even death, including shutting down entire productions, equipment failure and triggering industrial accidents.
Positive Technologies said that there are a series of factors that make these organizations vulnerable to hackers. For example, during recent PT NAD pilot projects, its experts discovered numerous suspicious events in the internal network of each industrial company. In one case, PT NAD recorded an RDP connection to external cloud storage, allowing 23 GB of data to be transferred to that storage address via RDP and HTTPS.
The seller also noted that industrial companies often use outdated software and typically save connection parameters (username and password) as a form of remote access authentication, allowing attackers to connect to them. resources of an isolated segment without credentials when they gain control of such a computer.
The potential impact of an attack on an industrial organization was demonstrated during a virtual cyber-lineup at The Standoff 2021. In one scenario, in two days, the attackers took control of the gas station, disrupting the gas supply and causing an explosion.
Olga Zinenko, senior analyst at Positive Technologies, commented: “Today, the level of cybersecurity in most industrial companies is too low to be comfortable. In most cases, the external network perimeters accessible over the Internet contain weak protection, the device configurations contain loopholes, and we find a low level of security of the ICS network and the use of dictionary and password passwords. Obsolete software versions present risks.