First of its kind it community research report. Real eyeopener Leads to observation platform creation and IT Security awareness
Basel, Switzerland, December 5, 2013 – They operate everywhere at all hours of the day controlling so many things that are related to everyday life and yet most people could not say they exist. Industrial control systems (ICS).
They are computer controlled systems and they monitor important and vital processes such as industrial processes used in manufacturing and production, infrastructure processes such as water treatment and gas pipelines and facilities processes such as heating or air conditioning in buildings such as airports. Because these processes are computer controlled, they can be exposed and highly vulnerable to attack. A new project named SCADA (Supervisory Control and Data Acquisition) Exposure has just been released that highlights the vulnerabilities in many of these industrial control infrastructures.
The first ever attempt of a project of this type, Scada Internet Exposure 2013, attempted to create a permanent observatory on the presence of overexposed scada gears by obtaining fresh data on exposed and vulnerable devices from public search engines like Shodan and Google and then categorized it around three main dimensions: the Temporal axis, the Geographical axis and Taxonomy.
The project was sponsored by the security company ISGroup SRL and so far, the findings for the geographic axis that included Switzerland and Italy found that half a million ICS and SCADA devices were exposed in public databases and at risk of attack. Interestingly enough, it was Switzerland that proved to be more vulnerable. This first report chose to test Italy and Switzerland as Italian and Swiss SCADA devices represent fully 3.9% of the global exposure.
The research was completed by Francesco Ongaro and Gianluca Pericoli from ISGroup SRL, on a request derived from Florian Imbach, a journalist of Sonntagszeitung. Once started, Ongaro and Pericoli decided to take it further because of the risk connected to insecure SCADA deployments and the lack of awareness regarding this particular type of IT systems’s security. Their combined research has led to building the first of its kind ever platform that will serve the IT community for future studies they hope lead to the creation of a more open ICS security community.
For more information, visit
If you would like more information about this topic, please contact
Francesco Ongaro CEO
by phone at: (+39) 06 98352586 (or)
send an email to: firstname.lastname@example.org