Claroty biannual ICS risk & vulnerability report: 2H 2021

We are fast approaching a time when highly connected cyber-physical systems are the norm, and the lines between information technology (IT), operational technology (OT), and Internet of Things (IoT) security management are blurred.

All of it will be connected to, and managed from, the cloud, and unfathomable amounts of data will be processed in order to fine-tune performance, deliver analytics on key services, and ensure the integrity of critical industrial, healthcare, and enterprise processes.

This is the new paradigm of the Extended Internet of Things (XIoT), one that enhances the need for timely, useful vulnerability information in order to better inform risk decisions. Claroty, today, publishes its fourth Biannual ICS Risk & Vulnerability Report. The report was prepared by Claroty’s research arm, Team82, in effort to define and analyze the vulnerability landscape relevant to leading automation products and connected devices used across domains.

While the volume of headline-grabbing attacks dwindled in the second half of 2021 compared to the first six months, those incidents will only fuel the eventual prioritization of XIoT cybersecurity among decision makers. You’ll also see from our analysis in this report—our data sources encompass all commercial products running inside critical infrastructure and other sectors such as manufacturing, healthcare, and IoT—that the percentage of vulnerabilities that were disclosed in the second half of last year in connected IoT and medical devices, as well as a growing number of IT vulnerabilities, continues to climb, reaching 34%, up from 29% in 1H 2021.

This indicates that organizations will merge OT, IT, and IoT under converged security management, and that OT and ICS will no longer be their own walled-off disciplines. Therefore, asset owners and operators must have a thorough snapshot of their environments in order to manage vulnerabilities and lessen their exposure.

In this report, Team82 delivers a comprehensive look at industrial control system (ICS) vulnerabilities publicly disclosed during the second half of 2021, including those found by Team82 and those found by affected vendors, independent security researchers, and experts inside other organizations.

Security managers, asset owners, and operators, are urged to use this report as a resource, one that delivers not only data about vulnerabilities that are prevalent in industrial devices, but also the necessary context around them to assess risk within their respective environments.