More than half of industrial enterprises still use outdated OS
Outdated and unsupported operating systems are still present in the networks of industrial enterprises, putting them at serious risk. According to CyberX researchers, about 62% of industrial enterprises still use outdated OS.
62% of industrial networks still use devices running on older versions of Windows, such as Windows XP and Windows 2000. Considering Windows 7, which will end support in January 2020, this figure will be 71%.This information is provided in the CyberX 2020 Global IoT/ICS Risk Report, based on data collected from more than 1800 networks around the world from October 2018 to October 2019.
“Based on data collected in the past 12 months from 1,821 production IoT/ICS networks — across a diverse mix of industries worldwide — the analysis was performed using passive, agentless monitoring with patented deep packet inspection (DPI) and Network Traffic Analysis (NTA)”, — tell about their job CyberX specialists.
The data shows that IoT/ICS environments continue to be soft targets for adversaries, with security gaps in key areas such as:
- Outdated operating systems
- Unencrypted passwords
- Remotely accessible devices
- Unseen indicators of threats
- Direct internet connections
- No automatic AV updates
Using outdated versions of Windows puts companies at serious risk, because attackers can hack systems using vulnerabilities, information and PoC codes, which are often shared. Even if Microsoft releases patches for dangerous vulnerabilities, as was in the case of Bluekeep, not all enterprises will be able to apply patches in industrial systems.
Read also: Attackers gained access to the NordVPN servers back in 2018
Researchers found suspicious activity in 22% of the monitored networks. Suspicious actions include scanning, incorrect HTTP headers, known malware, and excessive connections between devices. More than half of the networks used devices that could be accessed remotely through an RDP, SSH connection, or VNC. In 27% of cases, devices were accessible from the Internet.
In 64% of cases, unencrypted passwords were used in enterprise networks, making it easy for attackers to intercept them.
“Complicating the situation is the fact that passwords are rare, and sometimes never change at all in IoT and industrial automation environments”, – say CyberX researchers.
According to experts, in 66% of cases, automatic updating of software for security was disabled.