ISGroup, Security Research

Scada Exposure released! Scada Internet Exposure 2013-11

ScadaExposure is the first attempt to create a permanent observatory on the presence of overexposed scada gears. The project is a collaborative effort of Francesco Ongaro and Gianluca Pericoli, aimed to build an open framework for SCADA exposure benchmarking. Knowing the updated index of exposed ICS devices allows to answer many questions of public interest.

Get the Scada Internet Exposure 2013-11 report

Our goal is to obtain fresh data (exposed/vulnerable devices) from public search engines like Shodan and Google and categorize it around three main dimensions: the Temporal axis, the Geographical axis and our Taxonomy.

Temporal axis

Each dataset belongs to a release that refer to a specific time. Our first release is the November 2013 one.

  • Is SCADA exposure higher or lower than before?
  • Is the current awareness and effort level effective in order to secure private and critical infrastructures?

Geographical axis

Results are separated by country. The first release includes Switzerland, Italy and World.

  • Is a country more exposed than another?
  • How is a country relatively exposed? (Indexed devices VS Scada devices)
  • How is a country relatively exposed compared to the world? (Country Scada devices VS World Scada devices)
  • How is a country relatively exposed compared to another country?

Taxonomy

ScadaExposure’s taxonomy is a hierarchy of Vendors, Products and Product versions. Every search query (“dork“) is linked to a Product Version, Product, Vendor or can be generic. Products belong to two categories: Systems and Devices, as described by the Glossary.

  • What is the most exposed vendor?
  • What is the most exposed product?
  • What is the most exposed system type or device class?

 

We would love to know you reaction (scadaexposure@isgroup.it)!.

The project is sponsored by the security company ISGroup SRL.

Standard