FireEye releases its ‘Subversive Six’ report

FireEye, Inc. recently announced the release of its ‘Subversive Six’ report, which is the result of a focused analysis of the industrial sector by experts at FireEye iSIGHT Intelligence.

Industrial enterprises including electric utilities, petroleum companies, and manufacturing organizations invest heavily in industrial control systems (ICS) to efficiently, reliably, and safely operate industrial processes. The FireEye report identifies the six areas of vulnerability in a typical industrial scenario:

• Unauthenticated protocols
• Outdated hardware
• Weak user authentication
• Weak integrity checks
• Vulnerabilities affecting Windows operating systems
• Undocumented third-party relationships

“With the increased demand to have operational technology (OT) networks connected to internet enabled networks for Real Time Telemetry (RTT), we are seeing a corresponding increase in opportunities for adversaries with malicious intent to undermine organizations in the industrial sector that are less security-conscious. It is becoming even more important that organizations employ the right resources to identify and plug their security gaps to prevent future threats.” – said Stuart Davis, Director, Middle East, Mandiant (A FireEye Company). “In 2017, we expect the number of politically and financially motivated attacks to increase. At FireEye, our aim is to continuously assess and provide industry insights that can inspire a higher focus on security across industry verticals.”