Penetration tests conducted against the control systems of 11 industrial companies found most are exceedingly easy to access, particularly if the hacker has already managed to gain entry into the corporation's information system.
And if not in most cases the passwords being used were far below the standard required to maintain security.
Positive Technologies found 73 percent of corporate information systems (CIS) have insufficient perimeter defenses, but making the situation much worse is that if a hacker gains entry into the CIS the attacker has an 82 percent chance of penetrating the industrial network. Then compounding the problem further is the research found the attack vectors needed to access the industrial network were ranked either low or trivial in difficulty, which means pulling off an attack is a relatively easy task.
Admins shouldered some of the blame for this ease of access. In cases where it was possible to access the industrial network from the CIS, Positive Technologies always found flaws in network segmentation.
“In 64 percent of cases, these flaws were introduced by administrators in the process of creating remote administration mechanisms. At 18 percent of companies, ICS components were not even isolated on a separate network segment,” the report stated.
Weak passwords were shown to often be the way hackers first entered a CIS. In this way industrial companies managed to mimic the behavior of many consumers by either not changing the default password, having no password or having easy to discern passwords.
The report stated that 82 percent of the companies used a password with an alphanumeric up to 8-digit in length, but in 55 percent of the cases, the password was 123456. The research also found large numbers of default passwords, no password or the word admin being used.
Next, even when a password was used it was possible to utilize password dictionaries to brute force the word and gain access. This method was effective in 55 percent of the cases against operating systems, 45 percent against routers and 36 percent against application software. Even companies that had stronger passwords still managed to remain vulnerable by storing them in cleartext on workstations, shared directories, FTP servers and domain controllers.