Subscribe
Rashika Ramlal

Industrial control systems under attack

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 28 Mar 2019

Nearly half (47.2%) of industrial control system (ICS) computers protected by Kaspersky Lab solutions experienced malicious activity last year, up from 44% in 2017.

ITWeb Security Summit 2019

Eight international keynote speakers are heading to SA to join the local experts and share insights with SA's cyber security community. We have Graham Cluley, independent computer security expert and public speaker; Ofir Hason, CEO and co-founder of CyberGym; and Pete Herzog, MD of the Institute for Security and Open Methodologies. To find out more and to register, click here.

This was one of the main findings of the Kaspersky Lab ICS CERT report on the industrial threat landscape in H2 2018.

Attacks against ICS computers are considered a top threat as they could cause material losses and production downtime in the operation of industrial facilities.

Researchers from Kaspersky said the top three countries affected in terms of the percentage of ICS computers attacked, were: Vietnam (70%), Algeria (70%) and Tunisia (65%). The least impacted nations were Ireland (12%), Switzerland (15%) and Denmark (15%).

Kirill Kruglov, security researcher at Kaspersky Lab ICS CERT, says although most believe targeted attacks are the main threat to industrial computers, this is not the case. "The real culprit is mass-distributed malware that gets into industrial systems by accident, over the Internet, through removable media such as USB-sticks, or e-mails."

However, he says the success of attacks can be attributed to "a lackadaisical attitude to cyber security hygiene" among employees. "Threats could be prevented by staff training and awareness, which is much easier than trying to stop determined threat actors."

To prevent threats of this nature, Kaspersky advises companies to regularly update operating systems and application software on systems that are part of the enterprise's industrial network.

The security firm advises companies to restrict network traffic on ports and protocols used on edge routers and inside the operational technology networks; audit access control for ICS components in the enterprise's industrial network and at its boundaries; and deploy dedicated endpoint protection solutions on ICS servers, workstations and human-machine interfaces.

Security solutions should be kept up-to-date, and it's important to provide training and support for employees as well as partners and suppliers with access to the network, concludes Kaspersky.

Share