SANS Institute survey finds unprotected devices and ransomware are top threats to industrial control systems
Source: Procre8 for SANS , Author: Posted by BI-ME staff
Posted: Mon August 14, 2017 12:40 pm

UAE. SANS Institute’s annual survey of industrial control systems (ICS) has revealed that the introduction of unprotected devices into sensitive ICS networks and ransomware are now among the top threats that organizations face in securing critical infrastructure. In addition, 69% of respondents stated that the level of threats to control systems is now high or severely critical.

“Industrial plants and critical infrastructure have become prime targets for politically and financially motivated cybercriminals in the Middle East,” explained Ned Baltagi, Managing Director, Middle East & Africa at SANS.

 “Traditionally, these systems have been less frequently updated and the teams operating them lack dedicated cyber security professionals. This places some of the most critical systems we have in the Middle East at risk of cyber-attack.”

The survey also found that some basic security practices are still not being implemented and identifying attacks remains challenging; 40% of ICS security practitioners lack visibility or sufficient supporting intelligence into their ICS networks and this is one of the primary impediments to securing these systems.

Despite the high-profile news coverage of recent attacks against unpatched systems, SANS found that only 46% of respondents regularly apply vendor-validated patches. An astounding 12% neither patch nor layer controls around critical control system assets.

“The importance of patching systems and keeping them up to date cannot be emphasized enough,” explained Baltagi. “Consider WannaCry which as a ransomware attack was no doubt a top concern for ISC security practitioners. It spread by exploiting a known Microsoft vulnerability which is why unpatched systems played a key role in the spread of the malicious code. Once again, the lack of skilled cyber security professionals or appropriately trained IT staff in the field is impacting the ability of ICS organisations to adequately patch their systems, exacerbating this issue.”

Bengt Gregory-Brown, survey author, noted, “Changes in ICS/SCADA environments have historically come at a pretty slow pace, but this pace is accelerating with IT/OT convergence, and the speed of change is challenging everyone working with these systems to keep up, or accept growing levels of risk.”

Now in its fourth consecutive year, the survey noted some improvements in protecting critical assets and infrastructure, and respondents acknowledged that their ICS security budgets have increased over the fiscal year 2016. “With higher budgets becoming available to ISC professionals, it is imperative that they are aware of the key issues that the industry faces so they can allocate time and resources to the most pressing issues.” concluded Baltagi.

SANS Institute’s survey of industrial control systems report can be viewed and downloaded here

Two SANS ICS training courses are running in Dubai and Khobar in November and December this year:
1.     ICS515: ICS Active Defence and Incident Response teaches how to deconstruct ICS cyber-attacks, leverage an active defense to identify and counter threats in ICS, and use incident response procedures to maintain the safety and reliability of operations.
2.     ICS410: ICS/SCADA Security Essentials provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats. 

Photo Caption: Ned Baltagi, Managing Director, Middle East & Africa at SANS

About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security.

The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Centre.

At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.

For more information, please visit



date:Posted: July 20, 2018
UAE. Burglars can't steal your property if they can't break into your house. Here are some extra precautions you should take before leaving for your holidays.
date:Posted: July 19, 2018
UAE. The technologies most valuable to national defence are those that maximise the nation's freedom to develop and use its military capability as it sees fit.
date:Posted: July 18, 2018
UAE. Predictive deep learning technology looks for suspicious attributes of malicious code and learns as it goes to provide constantly evolving protection for servers - even if systems are unpatched.