With a wide swathe of old, legacy technology still running reliably on OT networks, finding bugs in easily accessible automation products and network protocols has been a necessary—and elementary—first step in elevating the cybersecurity of industrial enterprises worldwide.
Along with that research—which to date has resulted in a milestone 250 CVEs disclosed for Team82—comes a responsibility to educate asset owners about their risk exposure, and explain how newly-connected ICS devices and OT networks are exposed to hackers like never before.
That has been Team82’s mission since its inception and today as we take this opportunity to recognise our achievement, it’s also important to recognise that OT cybersecurity research has miles to go before organisations can settle on a risk management strategy that adequately addresses today’s threats and exposures.
This report will reflect on Team82’s leadership in OT vulnerability research, and the initial inroads we’ve made helping vendors normalise vulnerability disclosures and coordination.
Transformation, convergence—and hackers
Team82’s focus on vulnerability discovery in ICS products filled a noticeable…
