WOBURN, MA – September 28, 2017 — /BackupReview.info/ — A new report from Kaspersky Lab found that in the first half of the year, the manufacturing industry was the most susceptible to cyberthreats – with the industrial control systems (ICS) computers of manufacturing companies accounting for almost one third of all attacks.
The Kaspersky Lab report, “Threat Landscape for Industrial Automation Systems in H1 2017,” also found that the peak of attackers’ activity was registered in March, after which the proportion of computers attacked gradually declined from April to June. Also during the first half of the year, Kaspersky Lab products blocked attack attempts on 37.6 percent of ICS computers from which the company received anonymized information, totaling several tens of thousands. This figure was almost unchanged compared to the previous period – it is 1.6 percent less than in the second half of 2016.
The majority of the cyberthreats were in manufacturing companies that produce various materials, equipment and goods. Other highly-affected industries include engineering, education, and food & beverage. ICS computers in energy companies accounted for almost 5 percent of all attacks.
Distribution of ICS computers attacked by industry, H1 2017
While the top three countries with attacked industrial computers – Vietnam (71%), Algeria (67.1%) and Morocco (65.4%) – remained the same, researchers detected an increase in the percentage of systems attacked in China (57.1%), which came in fifth, according to the data released by Kaspersky Lab.
Experts also discovered that the main source of threats was the internet; attempts to download malware or access known malicious or phishing web resources were blocked on 20.4 percent of ICS computers. The reason for the high statistics for this type of infection lies in the interfaces between corporate and industrial networks, availability of limited internet access from industrial networks, and connection of computers on industrial networks to the internet via mobile phone operators’ networks.
In total, Kaspersky Lab detected about 18,000 different modifications of malware on industrial automation systems in the first six months of 2017, belonging to more than 2,500 different families.
Ransomware Attacks
In the first half of the year, the world has faced a ransomware epidemic, which also affected industrial companies. Based on the research from Kaspersky Lab ICS CERT, the number of unique ICS computers attacked by encryption Trojans increased significantly and tripled by June.
Overall, experts discovered encryption ransomware belonging to 33 different families. Most of the encryption Trojans were distributed through spam emails disguised as part of the business communication with either malicious attachments or links to malware downloaders.
The main ransomware findings in the report include:
“In the first half of the year we’ve seen how weakly protected industrial systems are – pretty much all of the affected industrial computers were infected accidentally and as the result of attacks targeted initially at home users and corporate networks,” said Evgeny Goncharov, head of critical infrastructure defense department at Kaspersky Lab. “In this sense, the WannaCry and ExPetr destructive ransomware attacks proved indicative, leading to the disruption of enterprise production cycles around the world, as well as logistical failures, and forced downtime in the work of medical institutions. The results of such attacks can provoke intruders into further actions. Since we are already late with preventive measures, companies should think about proactive protective measures now to avoid ‘firefighting’ in future.”
In order to protect ICS environments from possible cyber-attacks, Kaspersky Lab ICS CERT recommends the following:
Read a summary of the Kaspersky Lab ICS CERT report for H1 2017 on Securelist.com
The full Kaspersky Lab report, “Threat Landscape for Industrial Automation Systems in H1 2017,” is available on the Kaspersky Lab ICS CERT website — https://goo.gl/Neq2cj
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com
Media Contact:
Denise Bertrand
781.503.1836
Denise.Bertrand@kaspersky.com
Source: Kaspersky Lab
Tags: Kaspersky, Kaspersky Lab
Copyright © 2004 - 2020 Backup Review.info | Sitemap
RSS feed for comments on this post · TrackBack URI
Leave a reply