9621 Agnes Crossing, Lake Suzanneview, New Mexico Island 84604-9295.
According to an analysis by Armis, 56 percent of business workstation PCs have at least one unpatched critical vulnerability. Using older Windows protocols makes OT devices vulnerable. OT,
According to an analysis by Armis, 56 percent of business workstation PCs have at least one unpatched critical vulnerability. Using older Windows protocols makes OT devices vulnerable.
OT, long operating technology, comprises the most critical infrastructure of companies. A cyber attack on a factory’s production facilities or a hospital’s medical equipment can have serious consequences. Cyber criminals know this all too well and are increasingly shifting their focus to OT devices. Armis researched the security of OT technology and came to some worrying conclusions (via TechRepublic).
The analysis shows, for example, that the security of workplace PCs is a common problem. More than half of the workstations (56%) contained at least one unpatched vulnerability. 16 percent are vulnerable to CVEs that are known to be actively abused. In most cases, these are also vulnerabilities that have been known for more than 18 months but which the organization has not yet addressed.
Therefore, it is not surprising that workplaces are a popular target for cyber attacks. Workstations are oversized computers used to control critical infrastructure. A vulnerable workplace therefore opens the doors wide. In addition to workstations, SCADA servers, power supplies and programmable logic controllers are also among the preferred targets.
Armis attributes many of these vulnerabilities to Windows’ use of the SMBv.1 file-sharing protocol. This now-deprecated protocol was abused in 2017 ransomware attacks using the notorious WannaCry and NotPetya viruses, causing billions of dollars in damages. Apparently, this deters many companies and causes them to continue using outdated Windows software.
The research illustrates how closely intertwined OT and IT are. Armis therefore recommends that OT and IT teams work more closely together on security. But that’s where the shoe pinches, as we found out in an interview with Patrick Commers from Fortinet. OT security is still several years behind IT security and, worse, making the same mistakes that IT made years ago.
Source: IT Daily
As an experienced journalist and author, Mary has been reporting on the latest news and trends for over 5 years. With a passion for uncovering the stories behind the headlines, Mary has earned a reputation as a trusted voice in the world of journalism. Her writing style is insightful, engaging and thought-provoking, as she takes a deep dive into the most pressing issues of our time.
