Water and Wastewater Sector Third Most Affected by ICS Vulnerabilities Disclosed in First Half 0f 2020

With vulnerability management being a pillar of every successful cyber risk management strategy, the latest report by industrial cybersecurity firm Claroty provides material evidence for member utilities challenged with prioritizing cybersecurity in the OT environment. According to findings in the Claroty Biannual ICS Risk & Vulnerability Report: 1H 2020, the water and wastewater sector falls just below energy and critical manufacturing for the critical infrastructure sectors most affected by vulnerabilities published in ICS-CERT advisories. As highlighted in the report, the impact from the vulnerabilities among the aforementioned top three critical infrastructure sectors is a wide margin compared to other sectors, and includes nearly 100 more vulnerabilities for the water and wastewater sector than 1H 2019. Claroty also highlights more than 70% of the 365 ICS vulnerabilities disclosed in 1H 2020 are remotely exploitable, and the leading potential impact from a successful exploit is unauthorized code or command execution. Both findings are stark reminders of the importance of keeping internet-facing ICS devices to a bare minimum and protecting and continuously verifying the devices that are deemed essential to be remotely accessible. Claroty includes recommended measures and controls to mitigate risks and impacts from the vulnerabilities contained in the report – many recommendations echoing the WaterISAC 15 Cybersecurity Fundamentals and reinforcing other common standard practices. Key findings in the report reveal the most-affected vendors, products, sectors, and regions, the most prevalent criticality scores, attack vectors, impacts, and other characteristics of these vulnerabilities, and how the ICS risk and vulnerability landscape has changed since 1H 2019. Members are encouraged to review the report and validate existing controls against the list of impacted devices deployed in their environment. Access the report at Claroty