Woburn, MA – September 6, 2018 – Today, Kaspersky Lab ICS CERT experts published a new report on the industrial landscape for the first half of 2018, which found that 41.2 percent of industrial control systems (ICS) computers were attacked by malicious software at least once.
The Kaspersky lab report, “Threat Landscape for Industrial Automation Systems in H1 2018,” is based on an analysis of ICS computers protected by Kaspersky Lab solutions. The data collected during this time also uncovered the countries most impacted by ICS computer attacks by percentage – Vietnam, Algeria and Sri Lanka, while the safest region for industrial machines was Denmark.
According to Kaspersky Lab experts, the analysis indicates a consistent rise in the percentage of attacks on ICS computers. The data shows that in 2017, the percentage of ICS computer attacked was 36.61 in the first half of the year and 37.75 percent in the second half. The company’s experts believe that this threat is of concern as it continues to grow over time.
The top countries by the number of ICS computers attacked in the first half of 2018 were Vietnam (75.1%), Algeria (71.6%), and Morocco (65%). In regard to the least attacked industrial enterprise facilities, the top three countries were Denmark (14%), followed by Ireland (14.4%), and Switzerland (15.9%). According to Kaspersky Lab experts, developing economies are accounting for the highest number of ICS computers attacked, while developed regions have the lowest number of targeted ICS computers.
Kaspersky Lab researchers have also noticed a trend in the source of cyberthreats, with the largest number of threats coming from the internet. This has become the main source of infection for ICS computer attacks – with 27 percent of threats received from the World Wide Web, 8.4 percent received through removable storage media, and 3.8 percent from mail clients.
“The percentage of cyberattacks on ICS computers is a concern,” said Kirill Kruglov, security researcher at Kaspersky Lab. “Our advice is to pay attention to systems’ security from the very beginning of their integration when the systems’ elements are first connected to the internet. Neglecting security solutions at this stage could lead to dire consequences.”
Kaspersky Lab ICS CERT recommends implementing the following technical measures:
- Regularly update operating systems, application software and security solutions on systems that are part of the enterprise’s industrial network.
- Restrict network traffic on ports and protocols used on the edge routers and inside the organization’s operational technology (OT) networks.
- Audit access control for ICS components in the enterprise’s industrial network and at its boundaries.
- Deploy dedicated endpoint protection solutions onto ICS servers, workstations and human machine interfaces (HMIs) to secure OT and industrial infrastructure from random cyberattacks.
- Use network traffic monitoring, analysis and detection solutions for better protection from targeted attacks.
- Offer dedicated cybersecurity training and support for employees as well as partners and suppliers that have access to your network.
To read the full report, “Threat Landscape for Industrial Automation Systems in H1 2018,” please visit Securelist here.