Dragos’ Year in Review reports provide the ICS community with lessons learned from its industrial threat intelligence team and threat operations team from 2018
HANOVER, Md., Dragos, Inc., provider of the industry’s most trusted industrial threat detection and response platform and services, released its annual industrial control system (ICS) 2018 Year in Review reports today. These annual Year in Review reports provide important metrics and findings from the Dragos team’s first-hand experience tracking ICS adversaries, identifying vulnerabilities and threats, and performing assessments, threat hunts, and incident response in industrial environments.
“As a community we must learn from real experiences and insights to ensure we are constantly pushing the security of our industrial infrastructure forward,” said Robert M. Lee, CEO and Co-founder of Dragos. “It is always the Dragos team’s pleasure to share our knowledge, and we hope these reports serve as both a unique set of insights and a call to action.”
Details of Year in Review
- Industrial Controls System Vulnerabilities Report: The Dragos Intelligence team provides analysis of the ICS-specific vulnerabilities from 2018 and provides impacts, risks, and mitigation options. In 2018, Dragos tracked 204 public vulnerability advisories with an impact on ICS. 68% of advisories covered network-exploitable vulnerabilities, yet only 28% of these network-exploitable advisories provided mitigation advice sufficient to take effective action.
- ICS Activity Groups and the Threat Landscape Report: The Dragos Intelligence team provides insights into threat activity groups actively targeting industrial organizations and provides details of their activity, methodology, victimology, and future concerns. The Dragos Intelligence team has tracked three new ICS activity groups since 2017 and identified a growing trend of adversaries using open source or commercially-available penetration testing tools to pivot from IT networks to ICS networks.
- Lessons Learned from Hunting and Responding to Industrial Intrusions Report: The Dragos Threat Operations Center (TOC) provides a synopsis of lessons learned while proactively hunting for adversaries in industrial environments and responding to intrusions. In 2018, 37% of Dragos’ incident response engagements involved an initial vector dating back over 365 days, while all other engagements were either inconclusive or detected and contained by facility teams and Dragos as they occurred.
Year in Review reports can be found here: https://dragos.com/year-in-review/. To learn more about Dragos’ trusted team of practitioners and its industrial asset identification, threat detection, and response platform and services, contact firstname.lastname@example.org or visit dragos.com for more information.
The Dragos ICS threat detection and response platform distills decades of real-world experience from an elite team of ICS cybersecurity experts across the U.S. intelligence community and private industrial companies to provide OT and IT practitioners unprecedented visibility and prescriptive procedures to respond to adversaries in the industrial threat landscape. With the Dragos platform, ICS cybersecurity personnel can independently identify ICS assets, detect ICS threats, and determine ICS cybersecurity-specific responses. Dragos’ offerings include: the Dragos Platform for ICS threat detection and response; Dragos’ Threat Operations Center for ICS threat hunting and incident response services; and Dragos ICS WorldView for weekly threat intelligence reports. Visit dragos.com for more information.