Attacks on Industrial Control Systems on the Rise
September 7, 2018
Seid Yassin (557 articles)

Attacks on Industrial Control Systems on the Rise

The systems that power the manufacturing, power and water plants, the oil and gas industry, and many other sectors are increasingly in the crosshairs of cyber-attackers: A full 41.2 percent of industrial control system (ICS) were attacked by malicious software at least once in the first half of 2018.

That’s according to Kaspersky Lab, which analyzed telemetry information from customers using industrial automation computers through the end of June. The data indicates a consistent rise in the percentage of attacks on this segment; the year-ago data showed the percentage of ICS computers attacked to be 36.61 percent; that then ticked upward to 37.75 percent in the second half of 2017.

The main source of infection was the internet – with 27 percent of attacks received from web sources. Another 8.4 percent arrived through removable storage media, and a surprisingly small 3.8 percent came from email clients.

“We have observed increases in the percentage of ICS computers on which phishing emails and malicious attachments opened in online email services using the browser, as well as attempts to download malware from the internet and to access known malicious and phishing web resources, were detected,” the report noted.

The threats include cryptomining, ransomware, remote-access trojans (RAT), the VPNFilter botnet and spyware; malware was delivered via phishing mails and exploits, including for the Spectre/Meltdown class of vulnerabilities. In all, Kaspersky Lab security solutions installed on industrial automation systems detected over 19.4 thousand malware modifications from 2.8 thousand different malware families.

Source | threatpost