More than 40 percent of ICS computers attacked by malicious software at least once in H1 2018
Woburn, MA – September 6, 2018 – Today, Kaspersky Lab ICS CERT experts published a new report on the industrial landscape for the first half of 2018, which found that 41.2 percent of industrial control systems (ICS) computers were attacked by malicious software at least once.
The Kaspersky lab report, “Threat Landscape for Industrial Automation Systems in H1 2018,” is based on an analysis of ICS computers protected by Kaspersky Lab solutions. The data collected during this time also uncovered the countries most impacted by ICS computer attacks by percentage – Vietnam, Algeria and Morocco, while the safest region for industrial machines was Denmark.
According to Kaspersky Lab experts, the analysis indicates a consistent rise in the percentage of attacks on ICS computers. The data shows that in 2017, the percentage of ICS computer attacked was 36.61 in the first half of the year and 37.75 percent in the second half. The company’s experts believe that this threat is of concern as it continues to grow over time.
The top countries by the number of ICS computers attacked in the first half of 2018 were Vietnam (75.1%), Algeria (71.6%), and Morocco (65%). In regard to the least attacked industrial enterprise facilities, the top three countries were Denmark (14%), followed by Ireland (14.4%), and Switzerland (15.9%). According to Kaspersky Lab experts, developing economies are accounting for the highest number of ICS computers attacked, while developed regions have the lowest number of targeted ICS computers.
Kaspersky Lab researchers have also noticed a trend in the source of cyberthreats, with the largest number of threats coming from the internet. This has become the main source of infection for ICS computer attacks – with 27 percent of threats received from the World Wide Web, 8.4 percent received through removable storage media, and 3.8 percent from mail clients.
“The percentage of cyberattacks on ICS computers is a concern,” said Kirill Kruglov, security researcher at Kaspersky Lab. “Our advice is to pay attention to systems’ security from the very beginning of their integration when the systems’ elements are first connected to the internet. Neglecting security solutions at this stage could lead to dire consequences.”
Kaspersky Lab ICS CERT recommends implementing the following technical measures:
- Regularly update operating systems, application software and security solutions on systems that are part of the enterprise’s industrial network.
- Restrict network traffic on ports and protocols used on the edge routers and inside the organization's operational technology (OT) networks.
- Audit access control for ICS components in the enterprise’s industrial network and at its boundaries.
- Deploy dedicated endpoint protection solutions onto ICS servers, workstations and human machine interfaces (HMIs) to secure OT and industrial infrastructure from random cyberattacks.
- Use network traffic monitoring, analysis and detection solutions for better protection from targeted attacks.
- Offer dedicated cybersecurity training and support for employees as well as partners and suppliers that have access to your network.
To read the full report, “Threat Landscape for Industrial Automation Systems in H1 2018,” please visit Securelist here.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
About Kaspersky Lab ICS CERT
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is a global project launched by Kaspersky Lab in 2016 to coordinate the efforts of automation system vendors, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyberattacks. Kaspersky Lab ICS CERT devotes its efforts primarily to identifying potential and existing threats that target industrial automation systems and the Industrial Internet of Things. During its first year of operation, the team identified over 110 critical vulnerabilities in products by major global ICS vendors. Kaspersky Lab ICS CERT is an active member and partner of leading international organizations that develop recommendations on protecting industrial enterprises from cyberthreats. ics-cert.kaspersky.com
Kaspersky Lab Media Contact:
Denise Berard
781.503.1836
Denise.Berard@kaspersky.com