https://newsletter.en.creamermedia.com

Two in five industrial computers faced cyberattacks in second half of 2016

14th April 2017

By: Schalk Burger

Creamer Media Senior Deputy Editor

     

Font size: - +

An average of two in five computers related to the technological infrastructure of industrial enterprises were exposed to malicious software and targeted cyberattacks in the second half of 2016, says cybersecurity multinational Kaspersky Lab head of the Critical Infrastructure Defence Department Evgeny Goncharov.

Every fourth targeted attack detected by the company in 2016 was aimed at industrial targets and the frequency increased to almost 40% during the second half of the year. The top three sources of infection were the Internet, removable storage devices, and malicious email attachments and scripts embedded in the body of emails.

“By exploiting vulnerabilities in the networks and software used by these enterprises, attackers can steal information related to the production process or even bring down manufacturing operations, leading to technogenic disasters,” he explains.

Kaspersky Lab’s industrial computer systems (ICS) computer emergency response team of specialists discovered that, in the second half of 2016, malware downloads and access to phishing Web pages were detected and blocked on more than 22% of industrial computers.

This means that every fifth machine faced the risk of infection or credential compromise through the Internet at least once. About 20 000 different malware samples were revealed in industrial automation systems belonging to over 2 000 different malware families in 2016.

“The desktop computers of engineers and operators working directly with ICS do not usually have direct access to the Internet owing to the limitations of the technology network in which they are located. However, there are other users that have simultaneous access to the Internet and ICS.”

During the period of research, 10.9% of computers with ICS software installed (or connected to those that have this software) showed traces of malware when a removable device was connected to them, says Goncharov.

Malicious email attachments and scripts embedded in the body of emails, as the third most frequently detected attacks on ICS, were blocked on 8.1% of industrial computers.

In most cases, attackers use phishing emails to attract the user’s attention and disguise malicious files. Malware was most often distributed in the format of office documents using Microsoft Office and portable document format files to entice people to download and run malware on the industrial organisation’s computers.

“Our analysis shows us that blind faith in technology networks’ isolation from the Internet is not effective. The rise of cyberthreats to critical infrastructure indicates that ICS should be properly secured from malware inside and outside the perimeter,” emphasises Goncharov.

“It is also important to note that, according to our observations, the attacks almost always start with the weakest link in any protection – people,” he emphasises.

To protect the ICS environment from possible cyberattacks, Kaspersky Lab security experts advise that industries conduct a security assessment to identify and remove security loopholes, with external intelligence from reputable vendors helping organisations to predict future attacks on their industrial infrastructure.

“Train your personnel and provide protection inside and outside the perimeter. A proper security strategy has to devote significant resources to attack detection and response, [and] to block an attack before it reaches critically important objects,” he says.

Edited by Martin Zhuwakinyu
Creamer Media Senior Deputy Editor

Comments

 

Latest News

SAPVIA CEO Dr Rethabile Melamu
South Africa PV capacity increases 12% in 2024
20th December 2024 By: Schalk Burger

Showroom

ESAB showroom image
ESAB South Africa

ESAB South Arica, the leading supplier of high-end welding and cutting products to the Southern African industrial market is based in...

VISIT SHOWROOM 
Rittal
Rittal

Rittal is a world leading provider of top-quality integrated systems for enclosures, power distribution, climate control, IT infrastructure and...

VISIT SHOWROOM 

Latest Multimedia

sponsored by

Magazine round up | 13 December 2024
Magazine round up | 13 December 2024
13th December 2024

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION







sq:0.062 0.158s - 189pq - 2rq
Subscribe Now