Between January and September this year, industrial control systems (ICS) in the Middle East, Turkey and Africa (META) region were attacked using multiple means.
Malicious tools were blocked on 38% of ICS computers that were protected by Kaspersky solutions, a number slightly higher than the global number of 31.8%.
In SA specifically, the number sat at 36.1%. Of these, 14.6% came from the internet, 17.8% through e-mail clients, and 2.9% via removable media.
More sophisticated
Kaspersky fears that APT attacks on industrial systems are expected to get even more sophisticated in the coming months.
ICS computers are employed in oil and gas, energy, automotive manufacturing, building automation infrastructures, and other spheres to carry out a range of operational technology (OT) functions. These range from the workstations of engineers and operators to supervisory control and data acquisition servers and human-machine interface.
Attacks on these machines are considered particularly dangerous as they not only cause material losses and production downtime for production lines, but for entire facilities.
Furthermore, if these entities are taken down it can seriously undermine a region’s social welfare, ecology, and macroeconomics.
In the META region the oil and gas sector was in the firing line with 39.3%, followed by building automation systems with 38.8%, and the energy sector with 36.8%.
Kaspersky also predicts that organisations in agriculture, logistics and transportation, renewable energy, and hi-tech will be targeted more often.
Rising ransomware
Another trend seen by Kaspersky for the remainder of 2022 and into 2023, is the rise of ransomware in ICS environments.
Ransomware groups have evolved from fragmented and disorganised gangs, into highly organised businesses that form a fully-fledged industry.
“We are seeing more cases where ransomware attacks, including those on ICS computers, are performed manually, in a time-consuming, yet efficient manner," says Vladimir Dashchenko, a Kaspersky ICS Cyber Emergency Response Team expert.
He says global instability fuels a global semiconductor shortage, which in turn, sees companies spending less on cyber security. “This becomes a critical issue in 2022-2023, especially in view of the evolving threat landscape. Critical industrial infrastructure solutions will be a new target for cyber crime,” he predicts.
Share