Skip to main content

Woburn, MA – September 19, 2019 –Kaspersky today announces a new threat intelligence offering for industrial organizations, ICS Vulnerabilities Database. The service will offer customers access to a continuously updated database containing information on vulnerabilities in industrial control systems (ICS) and industrial Internet of Things (IIoT) products along with rules and algorithms to detect possible attacks that could exploit them. With this service, asset owners will be able to perform vulnerability assessments and patch management as well as ensure they are protected from possible targeted attacks.

As in any computing system, vulnerabilities in industrial components are inevitable. Each year, Kaspersky Industrial Control Systems Cyber Emergency Response Team, Kaspersky ICS CERT, finds no less than 60 new vulnerabilities in IIoT components and industrial control systems[1], potentially affecting hundreds and thousands of ICS or IIoT products. If undetected, these weaknesses can lead to system failure or give malware access to the product’s management and critical manufacturing data. For customers, it is important to be aware of these vulnerabilities, understand how critical they are and what can be done to patch or mitigate them.

In addition to being aware that a vulnerability exists, industrial organizations need to have the ability to detect a vulnerability exploitation attempt to prevent possible attack scenarios, which might occur as a result. The challenge is that intrusion detection systems commonly have attack detection signatures and rules focusing primarily on IT asset protection. This means that many network attack vectors that could specifically target vulnerable ICS components might still stay undetected.

The Kaspersky ICS Vulnerability Database will include continually updated information about the most critical vulnerabilities contained in widely-used ICS products from a variety of vendors. Each record will contain detailed technical information that will help industrial organizations check whether their assets are vulnerable. Users can then prioritize and plan vulnerable system updates or other actions to mitigate the risks of possible exploitation by a malicious actor. The information will be delivered in both a human and machine-readable format via REST API so customers can integrate it into their existing cybersecurity tools and manually decide on the remediation actions needed.

The second component of the service, the Network Attacks Signatures Database, provides signatures of ICS threats. It can be integrated with third party intrusion detection systems to help customers minimize the risk of cybersecurity incidents in their industrial infrastructure.

“Penetration testing and periodic vulnerability assessments of an industrial enterprise might give a good picture of its current cybersecurity state,” said Georgy Shebuldaev, head of industrial cybersecurity business development at Kaspersky. “ Unfortunately, existing publicly available ICS or IIoT vulnerability information sources lack much of the required information, consistency and clarity to be useful for effective continuous vulnerability assessments. This new service aims to help customers enhance their vulnerability management and incident detection with Kaspersky threat expertise and guidance.”

The ICS Vulnerabilities Database will go on sale in December 2019. Companies that are interested in more information and testing the service now are welcome to contact the Kaspersky team via ics@kaspersky.com.

More information about the Kaspersky portfolio for industrial companies can be found on its official website.


[1] Kaspersky ICS CERT identified 75 vulnerabilities in 2016, 63 vulnerabilities in 2017 and 61 vulnerabilities in 2018, many affecting hundreds of products by different vendors.

About Kaspersky ICS CERT

Kaspersky Industrial Control Systems Cyber Emergency Response Team (Kaspersky ICS CERT) is a global project launched by Kaspersky in 2016 to coordinate the efforts of automation system vendors, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyberattacks. Kaspersky ICS CERT devotes its efforts primarily to identifying potential and existing threats that target industrial automation systems and the Industrial Internet of Things. Since its inception, the team identified over 200 critical vulnerabilities in products by major global ICS vendors. Kaspersky ICS CERT is an active member and partner of leading international organizations that develop recommendations on protecting industrial enterprises from cyberthreats. Learn more at ics-cert.kaspersky.com

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.

Media Contact:
Cassandra Faro
Cassandra.Faro@Kaspersky.com
781-503-1812

Kaspersky Announces New Threat Intelligence Service to Protect Against ICS Vulnerabilities

Kaspersky is announcing the development of a new threat intelligence service for industrial organizations — ICS Vulnerabilities Database.
Kaspersky Logo