Dragos, Inc., provider of industrial threat detection and response platforms and services, released its annual industrial controls system (ICS) 2018 Year in Review reports today. These annual Year in Review reports provide important metrics and findings from the Dragos team’s first-hand experience tracking ICS adversaries, identifying vulnerabilities and threats, and performing assessments, threat hunts, and incident response in industrial environments.
“As a community we must learn from real experiences and insights to ensure we are constantly pushing the security of our industrial infrastructure forward,” said Robert M. Lee, CEO and Co-founder of Dragos. “It is always the Dragos team’s pleasure to share our knowledge, and we hope these reports serve as both a unique set of insights and a call to action.”
Details of Year in Review
● Industrial Controls System Vulnerabilities Report: The Dragos Intelligence team provides analysis of the ICS-specific vulnerabilities from 2018 and provides impacts, risks, and mitigation options. In 2018, Dragos tracked 204 public vulnerability advisories with an impact on ICS. 68% of advisories covered network-exploitable vulnerabilities, yet only 28% of these network-exploitable advisories provided mitigation advice sufficient to take effective action.
● ICS Activity Groups and the Threat Landscape Report: The Dragos Intelligence team provides insights into threat activity groups actively targeting industrial organizations and provides details of their activity, methodology, victimology, and future concerns. The Dragos Intelligence team has tracked three new ICS activity groups since 2017 and identified a growing trend of adversaries using open source or commercially-available penetration testing tools to pivot from IT networks to ICS networks.
● Lessons Learned from Hunting and Responding to Industrial Intrusions Report:
The Dragos Threat Operations Center (TOC) provides a synopsis of lessons learned while proactively hunting for adversaries in industrial environments and responding to intrusions. In 2018, 37% of Dragos’ incident response engagements involved an initial vector dating over 365 days, while all other engagements were either inconclusive or detected and contained by facility teams and Dragos as they occurred.
Year in Review reports can be found here: https://dragos.com/year-in-review/. To learn more about Dragos’ trusted team of practitioners and its industrial asset identification, threat detection, and response platform and services, contact info@dragos.com or visit dragos.com for more information.
For more from Dragos and cybersecurity, check out this panel discussion: Video: CyberSecurity in Manufacturing - What are the Risks?