A data-driven analysis of vulnerabilities in real-world OT networks, based on Network Traffic Analysis (NTA) of 375 industrial control networks across multiple industrial sectors in the US, EMEA and APAC.


A number of adversaries are attempting to compromise our critical industrial networks, with motives ranging from criminal intent to operational disruption and even threats to human and environmental safety.

At the same time, industry experts have been telling us for years that our Operational Technology (OT) networks are vulnerable — but we’ve never had the data to objectively evaluate the risk.

To address this gap, CyberX analyzed traffic collected from 375 production networks across the US, Europe, and APAC. The networks span all sectors including energy & utilities, manufacturing, pharmaceuticals, chemicals, and oil & gas.

The data clearly shows that control networks are easy targets for adversaries, as you can see from some of the findings listed below:

  • 1 out of 3 industrial sites are connected to the public Internet
  • 3 out of 4 sites have legacy Windows boxes for which Microsoft is no longer providing security patches
  • 60% have passwords traversing OT networks in plaintext
  • 50% of industrial sites aren’t running any antivirus protection
  • 82% are running remote management protocols (RDP, VNC, SSH, etc.), making it easier to perform cyber reconnaissance

What can be done? It’s unrealistic to expect asset owners to perform massive upgrades to their OT infrastructures in the short term, since doing so would cost their industries billions of dollars. The report describes a number of practical steps that organizations can take today to mitigate OT risk.

For more key findings and expert recommendations, download the full report.