
As more cyber-physical systems become connected, accessibility to these networks from the internet and the cloud requires defenders to have timely, useful vulnerability information to inform risk decisions. Operational Technology (OT) and Industrial Control Systems (ICS) have become more and more vulnerable to cyber-attacks.

There has been a 110% year-over-year increase in the number of ICS vulnerabilities disclosed since 2018, according to a recent report by OT company Claroty. Non-OT products made up 34% of ICS vulnerabilities reported in 2021, and that indicates a trend of businesses merging OT, IT and IoT under a single security umbrella.

Claroty suggests calling a world devoid of distinctions between operational tech, informational tech and internet of things devices the “extended internet of things” (XIoT), “an umbrella term that captures the cyber-physical systems critical to our lives.”

The risks associated with connecting OT, ICS and IoT networks to internet-facing systems go beyond devices and endpoints, according to 

87% of all ICS vulnerabilities reported in 2H 2021 were considered low complexity, meaning an attacker doesn’t need any special conditions and can expect repeated success. 63% of vulnerabilities disclosed in the same timeframe could be exploited remotely, and 53% gave attackers the ability to remotely execute code.

What should be done? The company recommends that organizations segment the network. “Network segmentation is the top step, and should be a top consideration for defenders ahead of other options on our list,” the report said. Organizations should configure virtual zones so they can be easily managed remotely, give each zone policies tailored to the specific needs of the users in that zone, and be sure they reserve the ability to inspect traffic, including OT protocols.