Strategy, Threat intelligence

Active exploit risk in utilities worsens

June 14, 2021
A WhiteHat Security study showed that the utility sector's window of exposure to exploited application vulnerabilities rose from 55% two months ago to 67% last month, indicating worsening active exploit risks among utilities, reports Threatpost.

"Application specific attacks are equally prevalent, if not more likely, than ransomware (Colonial Pipeline is fresh in our minds). Application weakness is an easy backdoor for the installation of ransomware, especially given the high-impact nature of the ransomware in utilities," said the report.

Several factors are behind the increasing vulnerability exposure of utility networks, including the transition of legacy systems to internet-facing applications and the growing practice of connecting internet of things systems and operational technology to backend operations, according to Setu Kulkarni, WhiteHat's vice president of strategy.

"OT/IoT systems themselves are not well-secured and at the same time the legacy transactional systems were not designed to meet the scale and security needs of this hyper-proliferation of OT/IoT devices," said Kulkarni.
Jill Aitoro

SC Media Editor in Chief Jill Aitoro has 20 years of experience editing and reporting on technology, business and policy. She also serves as editorial director at SC Media’s parent company, CyberRisk Alliance. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.

prestitial ad