Yet another warning about keeping industrial control systems (ICS) and other forms cyber security up-to-date comes from the Security Ledger in advising of the 2019 “Global ICS & IIoT Risk Report” – “A data-driven analysis of vulnerabilities in our industrial and critical infrastructure.”
“Many of these networks were designed decades ago when cybersecurity was not a primary design consideration,” Phil Neray, vice president of industrial cybersecurity at CyberXAs, told Security Ledger. “As a result, they are rife with ‘insecure by design’ vulnerabilities such as unencrypted protocols, legacy Windows boxes, vulnerable firmware in controllers–e.g., in embedded web servers–and lack of network segmentation.”
“These vulnerabilities leave ICS networks wide open to attacks from nation-states such as Russia, Iran and North Korea, who are constantly probing them for weaknesses so they can establish footholds, he said.”
“Constantly probing” – yes, cyber security has become a consant search to avoid vulnerability to attacks on critical data points.