Two in five industrial computers faced cyberattacks in second half of 2016
An average of two in five computers related to the technological infrastructure of industrial enterprises were exposed to malicious software and targeted cyberattacks in the second half of 2016, says cybersecurity multinational Kaspersky Lab head of the Critical Infrastructure Defence Department Evgeny Goncharov.
Every fourth targeted attack detected by the company in 2016 was aimed at industrial targets and the frequency increased to almost 40% during the second half of the year. The top three sources of infection were the Internet, removable storage devices, and malicious email attachments and scripts embedded in the body of emails.
“By exploiting vulnerabilities in the networks and software used by these enterprises, attackers can steal information related to the production process or even bring down manufacturing operations, leading to technogenic disasters,” he explains.
Kaspersky Lab’s industrial computer systems (ICS) computer emergency response team of specialists discovered that, in the second half of 2016, malware downloads and access to phishing Web pages were detected and blocked on more than 22% of industrial computers.
This means that every fifth machine faced the risk of infection or credential compromise through the Internet at least once. About 20 000 different malware samples were revealed in industrial automation systems belonging to over 2 000 different malware families in 2016.
“The desktop computers of engineers and operators working directly with ICS do not usually have direct access to the Internet owing to the limitations of the technology network in which they are located. However, there are other users that have simultaneous access to the Internet and ICS.”
During the period of research, 10.9% of computers with ICS software installed (or connected to those that have this software) showed traces of malware when a removable device was connected to them, says Goncharov.
Malicious email attachments and scripts embedded in the body of emails, as the third most frequently detected attacks on ICS, were blocked on 8.1% of industrial computers.
In most cases, attackers use phishing emails to attract the user’s attention and disguise malicious files. Malware was most often distributed in the format of office documents using Microsoft Office and portable document format files to entice people to download and run malware on the industrial organisation’s computers.
“Our analysis shows us that blind faith in technology networks’ isolation from the Internet is not effective. The rise of cyberthreats to critical infrastructure indicates that ICS should be properly secured from malware inside and outside the perimeter,” emphasises Goncharov.
“It is also important to note that, according to our observations, the attacks almost always start with the weakest link in any protection – people,” he emphasises.
To protect the ICS environment from possible cyberattacks, Kaspersky Lab security experts advise that industries conduct a security assessment to identify and remove security loopholes, with external intelligence from reputable vendors helping organisations to predict future attacks on their industrial infrastructure.
“Train your personnel and provide protection inside and outside the perimeter. A proper security strategy has to devote significant resources to attack detection and response, [and] to block an attack before it reaches critically important objects,” he says.
Comments
Announcements
What's On
Subscribe to improve your user experience...
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation