Table of Contents Table of Contents
Previous Page  86 / 100 Next Page
Information
Show Menu
Previous Page 86 / 100 Next Page
Page Background

CYBER SECURITY

tecnica

Giugno/Luglio 2017

Automazione e Strumentazione

86

The proliferation of remote accessible applications and always connected systems,

including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition

(SCADA) networks, real-time remote control systems, IoT devices and all the distributed

management technologies, means that the risk of cyber attacks and potentially

dangerous threats is growing and it can only increase in the next years. In this report

paper will be analysed the distribution and the exposition of these systems, found alive

inside the European cyber perimeter, and their services along with a deep analysis of

evident bad configurations, easy exploitable vulnerabilities, public and private indicators

of compromise and even real and known compromissions already happened. The

‘Lutech Operational Intelligence - Analysis of exposed ICS, Scada and IoT systems in

Europe’ report hereby presented is based on information provided by Lutech Threat

Management Service for Cyber Threat Intelligence (L-TMS/CTI).

Francesco Faenzi

Luca Dinardo

Fabio Bellani

Analysis of exposed

ICS, Scada and IoT Systems in Europe

Lutech Cyber Threat Intelligence team star-

ted its research by identifying ICS/Scada/IoT

systems, reachable from the Internet, inside

the European cyber perimeter.

Lutech Team used a specific L-TMS/CTI

source which maintains a database of every

device connected to the Internet along with

their relative exposed services. This source

GLI AUTORI

F. Faenzi, Head of Lutech Cyber-

security Business Platform; L.

Dinardo, Lutech Analyst; F. Bellani,

Lutech Researcher & Developer.

AN OPERATIONAL INTELLIGENCE REPORT BY LUTECH TEAM

Basing on the presented dataset, Lutech Team performed a research and different kind of security analysis and

considerations about systems. These analysis are resulted in finding different known vulnerabilities exposed, bad

configurations, systems that were used for phishing campaign and as command & control malware, etc.

Analisi dei sistemi ICS, Scada e IoT a rischio in Eurapa

La diffusione di applicazioni remote e sistemi sempre connessi, quali Industrial Control Systems (ICS), Supervisory Control and Data Acqui-

sition (Scada), sistemi di controllo in real-time, sistemi IoT ecc., significa, da un punto di vista della sicurezza, che il rischio di attacchi cyber

ed eventi potenzialmente dannosi è in crescita ed è destinato ad aumentare ancora nel corso dei prossimi anni. In questo articolo verranno

analizzati questi sistemi, rilevati online all’interno del perimetro europeo, ed i loro servizi, con analisi specifiche su cattive configurazioni,

vulnerabilità exploitabili, indicatori di compromissione pubblici e privati, ed anche evidenze di reali compromissioni rilevate. Il report ‘Lutech

Operational Intelligence - Analysis of exposed ICS, Scada and IoT systems in Europe’ è basato sulle informazioni fornite dal Lutech Threat

Management Service for Cyber Threat Intelligence (L-TMS/CTI).