{"id":6896,"date":"2015-01-16T09:04:04","date_gmt":"2015-01-16T08:04:04","guid":{"rendered":"http:\/\/www.solucom-insight.fr\/?p=6896"},"modified":"2019-12-31T10:42:55","modified_gmt":"2019-12-31T09:42:55","slug":"niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/","title":{"rendered":"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes"},"content":{"rendered":"<p>Le niveau de s\u00e9curit\u00e9 actuel des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ? Les audits et \u00e9tudes r\u00e9alis\u00e9s par Solucom ne font que confirmer les d\u00e9fauts de s\u00e9curit\u00e9 sur ces infrastructures.<\/p>\n<h2>Une s\u00e9curisation insuffisante, voire inexistante<\/h2>\n<p>Les automates programmables industriels (API), en charge de l\u2019interface avec le monde physique, n\u2019int\u00e8grent souvent que peu de fonctions de s\u00e9curit\u00e9 et les failles de s\u00e9curit\u00e9 publiques les concernant sont nombreuses. L\u2019ICS-CERT a ainsi publi\u00e9 pr\u00e8s d\u2019une centaine de bulletins de vuln\u00e9rabilit\u00e9s sur des composants industriels. Les protocoles de communication utilis\u00e9s sont un des maillons faibles de la cha\u00eene. Ces protocoles, parmi lesquels on peut citer Modbus, permettent l\u2019\u00e9change de consignes ou de valeurs en clair, sans chiffrement.<\/p>\n<p>De m\u00eame, les possibilit\u00e9s d\u2019authentification des actions sont souvent limit\u00e9es, permettant \u00e0 n\u2019importe quel attaquant ayant acc\u00e8s au r\u00e9seau de modifier les consignes des automates et ainsi d\u2019influer sur leur comportement. Les interfaces d\u2019administration des automates sont par ailleurs souvent prot\u00e9g\u00e9es par des mots de passe par d\u00e9faut, jamais chang\u00e9s, et qui parfois ne peuvent pas l\u2019\u00eatre. Les syst\u00e8mes plus int\u00e9gr\u00e9s appel\u00e9s SNCC (Syst\u00e8mes Num\u00e9riques de Contr\u00f4le-Commande) ne sont pas garants d\u2019une s\u00e9curit\u00e9 accrue, les protocoles propri\u00e9taires utilis\u00e9s n\u2019apportant pas forc\u00e9ment une r\u00e9elle couche de s\u00e9curit\u00e9.<\/p>\n<p>La situation est identique pour les PC de supervision ou de programmation qui sont souvent des \u00e9quipements reposant sur des technologies standard, tels que des syst\u00e8mes d\u2019exploitation Microsoft Windows. Malheureusement, l\u2019exp\u00e9rience s\u00e9curit\u00e9 acquise sur le SI de gestion pour ces \u00e9quipements profite rarement \u00e0 leur s\u00e9curisation sur la partie industrielle. Les \u00e9tapes de durcissement s\u00e9curit\u00e9 sont rares, de m\u00eame que l\u2019application de correctifs de s\u00e9curit\u00e9, ou encore la pr\u00e9sence d\u2019un antivirus. Il est fr\u00e9quent de pouvoir prendre le contr\u00f4le de ces syst\u00e8mes par l\u2019exploitation d\u2019une faille de s\u00e9curit\u00e9 datant de pr\u00e8s de 6 ans.<\/p>\n<h2>Un cloisonnement tout \u00e0 fait relatif<\/h2>\n<p>De plus, les \u00e9quipements du SI Industriel sont tr\u00e8s largement interfac\u00e9s avec les SI de gestion. Le cloisonnement entre ces deux mondes est souvent permissif. Il arrive m\u00eame que le filtrage autorise l\u2019acc\u00e8s \u00e0 certains \u00e9quipements industriels depuis l\u2019ensemble du r\u00e9seau interne d\u2019une entreprise, ce qui peut repr\u00e9senter plusieurs dizaines de milliers de machines.<br \/>\nLes postes de programmation et cl\u00e9s USB constituent \u00e9galement des vecteurs d\u2019attaques puisqu\u2019ils sont connect\u00e9s \u00e0 des r\u00e9seaux de niveau de s\u00e9curit\u00e9 h\u00e9t\u00e9rog\u00e8ne, voire \u00e0 des environnements non-ma\u00eetris\u00e9s (par exemple dans le cas de sous-traitants).<\/p>\n<p>Pire encore, il arrive trop souvent que des \u00e9quipements industriels soient accessibles directement sur internet. Il existe m\u00eame des moteurs de recherche d\u00e9di\u00e9s \u00e0 la recherche d\u2019\u00e9quipements expos\u00e9s sur internet, Shodan \u00e9tant le plus connu. Pr\u00e8s de 1500 \u00e9quipements Modbus sont ainsi recens\u00e9s en France sur Shodan et plus de 20 000 dans le monde.<\/p>\n<h2>Un constat d\u2019\u00e9chec ?<\/h2>\n<p>Il ne s\u2019agit n\u00e9anmoins pas de se lamenter. Bien que le niveau de s\u00e9curit\u00e9 actuellement constat\u00e9 soit faible, il est possible de mener des actions d\u2019am\u00e9lioration. Au-del\u00e0 des concepts d\u2019architecture qui permettent de cloisonner ces \u00e9quipements vuln\u00e9rables, la vraie, seule solution \u00e0 long terme consiste \u00e0 d\u00e9velopper de nouveaux produits, s\u00e9curis\u00e9s by design. Bien s\u00fbr, les fruits de ce travail ne se verront que sur les nouvelles installations, et pas avant plusieurs dizaines d\u2019ann\u00e9es. On peut esp\u00e9rer que la prise de conscience globale des parties prenantes, ainsi que l\u2019implication des instances gouvernementales acc\u00e9l\u00e8rent ce changement.<br \/>\nEn attendant il semble aujourd\u2019hui n\u00e9cessaire de d\u00e9porter les fonctions s\u00e9curit\u00e9 sur des \u00e9quipements d\u00e9di\u00e9s, comme des passerelles encapsulant le trafic r\u00e9seau dans un tunnel chiffr\u00e9, ou bien des pare-feu ou IPS disposant de modules sp\u00e9cifiques aux protocoles industriels.<\/p>\n<p>Enfin, il faut \u00e9galement savoir tirer parti d\u2019une des faiblesses des SI Industriels : leur dur\u00e9e de vie et la complexit\u00e9 de changements. En effet, la mise en place d\u2019une supervision s\u00e9curit\u00e9 sera facilit\u00e9e par le caract\u00e8re fig\u00e9 des r\u00e9seaux industriels : il est rare que de nouveaux \u00e9quipements soient install\u00e9s ou que la topologie r\u00e9seau soit modifi\u00e9e. De m\u00eame, l\u2019emploi d\u2019une solution de contr\u00f4le d\u2019ex\u00e9cution par liste blanche sera plus facile sur un PC industriel n\u2019ex\u00e9cutant qu\u2019un seul logiciel de supervision que sur un poste de travail bureautique.<\/p>\n<figure id=\"post-6898 media-6898\" class=\"align-none\"><img loading=\"lazy\" decoding=\"async\" class=\"\" src=\"http:\/\/www.solucom-insight.fr\/wp-content\/uploads\/2015\/01\/Capture.jpg\" alt=\"\" width=\"508\" height=\"246\" \/><\/figure>\n<figure id=\"post-6898 media-6898\" class=\"align-none\"><\/figure>\n<p><span style=\"font-size: x-small;\">1 &#8211; http:\/\/www.rapid7.com\/db\/modules\/auxiliary\/scanner\/scada\/modbusclient <\/span><br \/>\n<span style=\"font-size: x-small;\">2 &#8211; https:\/\/github.com\/arnaudsoullie\/metasploit-framework\/blob\/modicon_stux_transfer\/modules\/auxiliary\/admin\/scada\/modicon_stux_transfer.rb<br \/>\n<\/span><span style=\"font-size: x-small;\">3 &#8211; https:\/\/github.com\/arnaudsoullie\/scan7<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Le niveau de s\u00e9curit\u00e9 actuel des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ? Les audits et \u00e9tudes r\u00e9alis\u00e9s par Solucom ne font que confirmer les d\u00e9fauts&#8230;<\/p>\n","protected":false},"author":20,"featured_media":6227,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"page-templates\/tmpl-one.php","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[36,3227],"tags":[3300,1260,1203],"coauthors":[780],"class_list":["post-6896","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-manufacturing-industry-4-0","tag-manuf-industry-4-0","tag-si-industriel","tag-vulnerabilites"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes - RiskInsight<\/title>\n<meta name=\"description\" content=\"Le niveau de s\u00e9curit\u00e9 des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"Le niveau de s\u00e9curit\u00e9 des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2015-01-16T08:04:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-12-31T09:42:55+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"1125\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Arnaud Soulli\u00e9\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Arnaud Soulli\u00e9\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\"},\"author\":{\"name\":\"Arnaud Soulli\u00e9\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ba5826fcf8223b1c6c350c1d1fffc79\"},\"headline\":\"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes\",\"datePublished\":\"2015-01-16T08:04:04+00:00\",\"dateModified\":\"2019-12-31T09:42:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\"},\"wordCount\":860,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg\",\"keywords\":[\"manuf &amp; industry 4.0\",\"SI industriel\",\"vuln\u00e9rabilit\u00e9s\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Manufacturing &amp; Industry 4.0\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\",\"name\":\"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg\",\"datePublished\":\"2015-01-16T08:04:04+00:00\",\"dateModified\":\"2019-12-31T09:42:55+00:00\",\"description\":\"Le niveau de s\u00e9curit\u00e9 des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ?\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg\",\"width\":1500,\"height\":1125},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ba5826fcf8223b1c6c350c1d1fffc79\",\"name\":\"Arnaud Soulli\u00e9\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/arnaud-soullie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes - RiskInsight","description":"Le niveau de s\u00e9curit\u00e9 des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/","og_locale":"en_US","og_type":"article","og_title":"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes - RiskInsight","og_description":"Le niveau de s\u00e9curit\u00e9 des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ?","og_url":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/","og_site_name":"RiskInsight","article_published_time":"2015-01-16T08:04:04+00:00","article_modified_time":"2019-12-31T09:42:55+00:00","og_image":[{"width":1500,"height":1125,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg","type":"image\/jpeg"}],"author":"Arnaud Soulli\u00e9","twitter_misc":{"Written by":"Arnaud Soulli\u00e9","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/"},"author":{"name":"Arnaud Soulli\u00e9","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ba5826fcf8223b1c6c350c1d1fffc79"},"headline":"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes","datePublished":"2015-01-16T08:04:04+00:00","dateModified":"2019-12-31T09:42:55+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/"},"wordCount":860,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg","keywords":["manuf &amp; industry 4.0","SI industriel","vuln\u00e9rabilit\u00e9s"],"articleSection":["Cybersecurity &amp; Digital Trust","Manufacturing &amp; Industry 4.0"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/","url":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/","name":"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg","datePublished":"2015-01-16T08:04:04+00:00","dateModified":"2019-12-31T09:42:55+00:00","description":"Le niveau de s\u00e9curit\u00e9 des SI Industriels est souvent remis en question par les sp\u00e9cialistes en s\u00e9curit\u00e9. Alors, cri au loup ou r\u00e9alit\u00e9 encore m\u00e9connue ?","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2013\/10\/maxkabakov-fotolia.com_.jpg","width":1500,"height":1125},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/2015\/01\/niveau-de-securite-des-si-industriels-les-vulnerabilites-les-plus-courantes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Niveau de s\u00e9curit\u00e9 des SI Industriels : les vuln\u00e9rabilit\u00e9s les plus courantes"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/8ba5826fcf8223b1c6c350c1d1fffc79","name":"Arnaud Soulli\u00e9","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/arnaud-soullie\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/6896","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=6896"}],"version-history":[{"count":1,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/6896\/revisions"}],"predecessor-version":[{"id":6899,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/6896\/revisions\/6899"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/6227"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=6896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=6896"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=6896"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=6896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}