Threats against industrial control systems on the rise

Read time 2min 10sec

The percentage of industrial control system (ICS) computers attacked increased in 62% of the countries examined by Kaspersky researchers.

Although the percentage if ICS computers on which malicious objects were blocked declined since the second half of 2019, this number started to rise in the second half of 2020.

Worldwide, the percentage of attacked ICS computers in H2 2020 was 33.4% – a marginal increase of 0.85%. However, the variety of malware families used increased by 30%.

In the engineering and ICS integration sector malware attacks grew by nearly 8% and 7%  and by 6.2% in the building automation and oil and gas sectors, respectively.

Attacks against industrial organisations always carry the potential to be particularly devastating, both in terms of disruption to production and financial losses, the security giant said.

Threats belonging to 5 365 malware families were blocked by Kaspersky on ICS computers. The most prominent threats were backdoors, or dangerous Trojans that gain remote control over the infected device, spyware or malicious programs designed to steal data, other types of Trojans, as well as malicious scripts and documents.

In general, 62% of the countries examined by the researchers experienced a growth in the percentage of ICS computers attacked. In addition, in 73.4% of all countries examined (in comparison to 23.6% in H2 2019), the percentage of ICS computers on which malicious e-mail attachments were blocked grew.

Evgeny Goncharov, head of ICS CERT at Kaspersky, said last year was an unusual one in many aspects. “This appears to have led to some unusual trends across the ICS threat landscape. We typically see a decline in the percentage of ICS computers attacked in the northern summer months and December as people go on holiday. However, with borders closed and countries on lockdown, it’s likely many didn’t take their vacation, and we did not see any noticeable decrease.”

He also said that while ransomware attacks declined globally, in developed countries, such as the US and Western Europe, the number of attacks increased significantly  – perhaps because, amid the current economic downturn, threat actors thought these places had businesses with the means to actually pay.

“With the pandemic still ongoing, it will be important that all industries take extra precautions; with the rest of the world in flux, it’s hard to predict what cyber criminals will do,” he ended.

Read more about the ICS threat landscape in H2 2020 on the Kaspersky ICS CERT website.

See also