資安廠商 Sectrio 日前發表研究報告,指出用於工業與製造業的營運科技系統(Operational Technology,OT)現今面臨的十大資安問題與解決方案。
Sectrio 日前公布的 2022 IoT 與 OT 資安長問卷調查(The IoT and OT CISO Peer Survey 2022)中發現,有 90% 的企業資安長表示,在過去 12 個月中其公司至少發生過一起重要駭侵攻擊事件;多數企業的製造與營運因而停止運作達到 4 天,造成平均 250 萬美元損失。
Sectrio 根據此問卷,分析出現今全球企業面臨的主要 OT 系統資安風險如下:
多數製造業的 OT 系統設備與作業系統版本過於老舊,且未曾或很少進行更新;
OT 系統的管理與權責不明:多數公司的 IT 單位與系統擁有較明確的管理權責畫分,但製造業的 OT 系統普遍都有管理權責不明的問題,甚至只有五分之一的製造業者設有資安長,負責 OT 系統的資安維運;
OT 資產重要性未獲重視:超過 95% 公司承認未將 OT 系統資安維護視為公司重要例行工作;
日益提高的 IoT 僵屍網路與 DDoS 攻擊風險:許多駭侵者選擇製造業的 OT 系統當做布署僵屍網路的節點,或對企業發動 DDoS 攻擊。
許多 OT 系統直接曝露於公眾 Internet 上,與外網之間沒有強固的防火牆與其他資安設備隔開,等於對駭侵者大開方便之門。
使用可卸除式記憶媒體:許多製造業 OT 系統未對如 USB 隨身碟、記憶卡之類的可卸除式記憶裝置加強管制,大大提高遭到惡意軟體植入的機會。
近期製造業 OT 系統遭各式駭侵攻擊的案例愈來愈多,損失極為驚人;各製造業者應思考資安防護策略,提撥足夠人力與預算,加強 OT 系統的防護與人員訓練。
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.