Drives & Controls April 2022
April 2022 www.drivesncontrols.com 10 n NEWS THE NUMBER OF cyber-vulnerabilities discovered in industrial control systems (ICSs) soared by 110% over the past four years, with a 25% increase (to 797) in the second half of 2021 alone, compared to the previous six months, according to new research from the security firm, Claroty. Almost all (87%) of the vulnerabilities were rated as “low complexity”, meaning they don’t need special conditions and attackers exploiting them could expect to be successful every time. In its fourth Biannua l ICS Risk & Vulnerability Report , Claroty suggests that the figures reflect a heightened awareness of the issue and a shift of security research towards OT (operational technology) environments More than half (53%) of ICS vulnerabilities now involve remote code execution, followed by denial-of-service conditions (42%), bypassing protection mechanisms (37%), and allowing attackers to read application data (33%). Almost two thirds (63%) can be exploited remotely through a network attack vector, indicating that the need for secure remote access, which accelerated due to the Covid-19 pandemic, is here to stay. Most vulnerabilities (70%) can be exploited without needing special privileges, and 64% need no user interaction. The report finds that ICS vulnerabilities are expanding beyond operational technology (OT) to the extended Internet of Things, with 34% of those discovered in the second half of 2021 affecting IoT, medical and IT assets. Claroty suggests that organisations will respond by merging their OT, IT, and IoT activities under single security management systems. It adds that asset owners and operators need “a thorough snapshot” of their environments to manage vulnerabilities and reduce their exposure. “As more cyber-physical systems become connected, accessibility to these networks from the Internet and the cloud requires defenders to have timely, useful vulnerability information to inform risk decisions,” says Claroty’s vice- president of research, Amir Preminger. “The increase in digital transformation, combined with converged ICS and IT infrastructure, enables researchers to expand their work beyond operational technology (OT), to the Extended IoT (XIoT). “High-profile cyber-incidents in 2H 2021 – such as the Tardigrade malware, the Log4j vulnerability and the ransomware attack on New Cooperative – show the fragility of these networks, stressing the need for security research community collaboration to discover and disclose new vulnerabilities.” Although the number of vulnerabilities discovered by automation vendors themselves grew by 76% over the past four years, half were found by third parties – mostly cybersecurity companies. Claroty says this demonstrates a maturing industry and discipline around vulnerability research, with vendors allocating more resources to the security of their products. The most commonly recommended step for mitigating the effects of vulnerabilities is network segmentation (suggested for 21% of vulnerabilities), followed by protection against ransomware, phishing and spam (15%) and restricting traffic (13%). The report is available as a free download. www.claroty.com ICS cyber-vulnerability discoveries soared by 110% in past four years Mach 2022 4–8 April 2022 NEC, Birmingham The exhibition, organised by the Manufacturing Technologies Association, will be part of part of the UK’s largest showcase for advanced engineering and manufacturing, which includes the Drives & Controls Show. New for 2022 are extended IT for Manufacturing Zone and 3D Printing Zones. www.machexhibition.com Drives & Controls 2022 05 - 07 April, 2022 NEC, Birmingham, UK The Drives & Controls exhibition and co- located events return to the NEC covering areas including automation, robotics, drives, machine safety, energy efficiency and motion control. Running alongside the Drives exhibition will be the Air-Tech, Fluid Power & Systems, Smart Industry Expo and Plant & Asset Management exhibitions, as well as the Mach show. www.drives-expo.com UKIVA Machine Vision Conference & Exhibition 28 April, 2022 Milton Keynes, UK Now in its sixth year, the event returns to the Marshall Arena to showcase the latest machine vision and imaging technologies and services frommore than 60 suppliers. The event will include a series of technical seminars and will provide opportunities for machine vision users and engineers to network and share knowledge. www.machinevisionconference.co.uk Hannover Messe 30 May –2 June, 2022 Hannover, Germany As the industrial mega-show returns as a face-to-face physical event in 2022, the key topics will be digitalisation and sustainability. Under the overarching theme of industrial transformation, leading global companies will show how to shift successfully to digitalised, resource-efficient and climate-neutral production. The partner country for 2022 is Portugal. https://www.hannovermesse.de/en Hillhead 2022 21-23 June, 2022 Buxton, Derbyshire The organisers of the quarrying, construction and recycling event, which takes place in a quarry, say that this year’s showwill have more than 600 exhibitors the first time. As well as exhibition marquees, the event includes live demonstrations of working equipment. www.hillhead.com Almost two thirds of ICS vulnerabilities are classified as high or critical. Source: Claroty The former president of ABB’s Electrification business, TarakMehta , has been appointed president of its Motion business, swapping places with MortenWierod , who will now take on the presidency of Electrification. US and Swiss national Mehta joined ABB in 1998 and held management positions in its Power Products division before becoming global head of ABB Transformers and then its LowVoltage Products division. In 2016, Mehta became president of ABB’s Electrification business. In another change, Marc Segura has been appointed president of ABB’s Robotics division. Fernando Colás has been named as CEO of Omron’s Industrial Automation Business (IAB) in the EMEA region. He succeeds Seigo Kinugawa , who is returning to Japan to head Omron’s Global Business Process and IT Innovation headquarters. Colás, a Spanish native, began his career with Omron in 1985 in sales and marketing. Since then, his 37- year career with the company has included more than two decades as a senior leader, with positions as general manager of Iberia and EMEA division manager. Colás will report to Omron Automation president, Junta Tsujinaga.
Made with FlippingBook
RkJQdWJsaXNoZXIy MjQ0NzM=