91% of Industrial Organizations Can Be Penetrated by Hackers
A new report released by Positive Technologies has found that roughly 91% of industrial organizations are vulnerable to cyber-attacks. The study found that external attackers are able to penetrate the corporate network in 9 out of 10 of the organizations studied. Once inside, the attackers are able to obtain user credentials and take complete control over the industrial infrastructure in all of the cases. In over two-thirds of the instances, external hackers can steal sensitive data from the organization including information about employees, partners, and internal documentation. Penetration testers at Positive Technologies gained access to the technological segment of the network in 75% of the organizations in question. In 56% of cases, this initial step enabled them to access industrial control systems.
If attackers were to gain access to ICS components, the consequences could be disastrous. Attackers could inflict severe damage and even fatalities by shutting down entire productions, causing equipment to fail, and triggering industrial accidents. Positive Technologies stated that there are a variety of reasons for which these organizations are vulnerable, including the use of outdated software, saved connection parameters, and weak credentials.