Cold cybersecurity: Watch out for the Icefall

To stay ahead of cybercriminals, companies must address vulnerability exposure risks before hackers attack them.

Image: © AFP

A security report looks at a set of 56 vulnerabilities, collectively called Icefall, that impact operational technology (OT) equipment used in various critical infrastructure environments.

Terry Olaes, Director of Sales Engineering at Skybox, explains to Digital Journal the core implications of the report and what it means for businesses.

Olaes says: “This is yet another reminder that critical infrastructure remains a top target for cybercriminals. Skybox Research Lab found that new vulnerabilities in operational technology (OT) products have risen 88 percent year over year.”

This is becoming part of a problematic trend, says Olaes. He notes: “Too often, our researchers see organizations that only rely on conventional approaches to vulnerability management move to patch the highest severity vulnerabilities first based on the Common Vulnerability Scoring System (CVSS).”

According to Olaes, this approach is all too familiar to cybercriminals, who “know this is how many companies handle their cybersecurity, so they’ve learned to take advantage of vulnerabilities seen as less critical to carry out their attacks.”

Furthermore, Olaes says: “In the case for OT, the mechanisms used to exploit these devices are less-sophisticated due to the design of these technologies to minimize friction and focus on HSE impact, above all. This enables bad actors to identify and weaponize new exploits more quickly, resulting in the drastic vulnerability count increase.”

Looking at one of the more significant issues, Olaes says: “In the case of ICEFALL, threat actors could have access to over 50 vulnerabilities that are affecting operational technology devices of several critical infrastructure organizations. The Russian state-sponsored hacking group known as Sandworm is already known to have successfully leveraged these vulnerabilities against Ukraine in recent months, identifying users and infrastructure, including electrical systems, and disconnecting its electrical substations.”

There are measures that companies can adopt. Here Olaes puts forward: “To stay ahead of cybercriminals, companies must address vulnerability exposure risks before hackers attack them. That means taking a more proactive approach to vulnerability management by learning to identify and prioritize exposed vulnerabilities across the entire threat landscape.”

Olaes also recommends: “Organizations should ensure they have solutions capable of quantifying the business impact of cyber risks into economic impact. This will help them identify and prioritize the most critical threats based on the size of the financial impact, among other risk analyses such as exposure-based risk scores.”

The final advice from Olaes is: “They must also enhance the maturity of their vulnerability management programs to ensure they can quickly discover whether or not a vulnerability impacts them and how urgent it is to remediate.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist and an author. He is also interested in history, politics and current affairs.
