Woburn, MA – March 27, 2019 – In 2018, Kaspersky Lab detected and prevented activity by malicious objects on almost half of Industrial Control System (ICS) computers protected by the company’s products and defined as part of an organization’s industrial infrastructure. The most affected countries were Vietnam, Algeria and Tunisia. These are some of the main findings of the Kaspersky Lab ICS CERT report on the industrial threat landscape in H2 2018.
Malicious cyber activities on ICS computers are considered an extremely dangerous threat as they could potentially cause material losses and production downtime in the operation of industrial facilities.
In 2018, the share of ICS computers that experienced such activities grew to 47.2 percent from 44 percent in 2017, indicating that the threat is rising.
According to the new report, the top three countries in terms of the percentage of ICS computers on which Kaspersky Lab prevented malicious activity were the following: Vietnam (70.09%), Algeria (69.91%), and Tunisia (64.57%). The least impacted nations were Ireland (11.7%), Switzerland (14.9%), and Denmark (15.2%).
“Despite the common myth, the main source of threat to industrial computers is not a targeted attack, but mass-distributed malware that gets into industrial systems by accident, over the internet, through removable media such as USB-sticks, or emails,” said Kirill Kruglov, security researcher at Kaspersky Lab ICS CERT. “However, the fact that the attacks are successful because of a casual attitude to cybersecurity hygiene among employees means that they can potentially be prevented by staff training and awareness – this is much easier than trying to stop determined threat actors.”
Kaspersky Lab ICS CERT recommends implementing the following technical measures:
Read the full text of the report on Kaspersky Lab ICS CERT website.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next-generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at https://www.kaspersky.com/.
About Kaspersky Lab ICS CERT
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is a global project launched by Kaspersky Lab in 2016 to coordinate the efforts of automation system vendors, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyberattacks. Kaspersky Lab ICS CERT devotes its efforts primarily to identifying potential and existing threats that target industrial automation systems and the Industrial Internet of Things. During its first year of operation, the team identified over 110 critical vulnerabilities in products by major global ICS vendors. Kaspersky Lab ICS CERT is an active member and partner of leading international organizations that develop recommendations on protecting industrial enterprises from cyberthreats https://ics-cert.kaspersky.com/.