Analyzing ICS/SCADA Cyber Attacks

Researchers, looking at seven years of data, have concluded that Industrial Control Systems are vulnerable to cyber attacks in the near and foreseeable future.

The report is based on vulnerability data collected from 2005 through October 2012. The report, by Gleb Gritsai, Alexander Timorin, Yury Goltsev, Roman Ilin, Sergey Gordeychik, and Anton Karpin of Positive Technologies, found that the number of disclosed vulnerabilities picked up substantially after the discovery of Stuxnet in 2010.

The researchers found that of the disclosed vulnerabilities, half were SCADA related (51%), with another quarter affecting the Human Machine Interface (HMI) software used in ICS (26%), and PLC flaws around one tenth (11%). Apart from where the vulnerabilities are concentrated, the most common types were buffer overflow (36%), authentication and key management (23%), and remote code execution (13%).

The report finds that 54 percent of the vulnerable ICS systems are located in Europe, 39 percent in North America, and 32 percent in Asia.