CYBER SECURITY
tecnica
Giugno/Luglio 2017
Automazione e Strumentazione
86
The proliferation of remote accessible applications and always connected systems,
including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition
(SCADA) networks, real-time remote control systems, IoT devices and all the distributed
management technologies, means that the risk of cyber attacks and potentially
dangerous threats is growing and it can only increase in the next years. In this report
paper will be analysed the distribution and the exposition of these systems, found alive
inside the European cyber perimeter, and their services along with a deep analysis of
evident bad configurations, easy exploitable vulnerabilities, public and private indicators
of compromise and even real and known compromissions already happened. The
‘Lutech Operational Intelligence - Analysis of exposed ICS, Scada and IoT systems in
Europe’ report hereby presented is based on information provided by Lutech Threat
Management Service for Cyber Threat Intelligence (L-TMS/CTI).
Francesco Faenzi
Luca Dinardo
Fabio Bellani
Analysis of exposed
ICS, Scada and IoT Systems in Europe
Lutech Cyber Threat Intelligence team star-
ted its research by identifying ICS/Scada/IoT
systems, reachable from the Internet, inside
the European cyber perimeter.
Lutech Team used a specific L-TMS/CTI
source which maintains a database of every
device connected to the Internet along with
their relative exposed services. This source
GLI AUTORI
F. Faenzi, Head of Lutech Cyber-
security Business Platform; L.
Dinardo, Lutech Analyst; F. Bellani,
Lutech Researcher & Developer.
AN OPERATIONAL INTELLIGENCE REPORT BY LUTECH TEAM
Basing on the presented dataset, Lutech Team performed a research and different kind of security analysis and
considerations about systems. These analysis are resulted in finding different known vulnerabilities exposed, bad
configurations, systems that were used for phishing campaign and as command & control malware, etc.
Analisi dei sistemi ICS, Scada e IoT a rischio in Eurapa
La diffusione di applicazioni remote e sistemi sempre connessi, quali Industrial Control Systems (ICS), Supervisory Control and Data Acqui-
sition (Scada), sistemi di controllo in real-time, sistemi IoT ecc., significa, da un punto di vista della sicurezza, che il rischio di attacchi cyber
ed eventi potenzialmente dannosi è in crescita ed è destinato ad aumentare ancora nel corso dei prossimi anni. In questo articolo verranno
analizzati questi sistemi, rilevati online all’interno del perimetro europeo, ed i loro servizi, con analisi specifiche su cattive configurazioni,
vulnerabilità exploitabili, indicatori di compromissione pubblici e privati, ed anche evidenze di reali compromissioni rilevate. Il report ‘Lutech
Operational Intelligence - Analysis of exposed ICS, Scada and IoT systems in Europe’ è basato sulle informazioni fornite dal Lutech Threat
Management Service for Cyber Threat Intelligence (L-TMS/CTI).