Vikram Kalkat, Kaspersky Industrial CyberSecurity Global Business Development at Kaspersky Lab Asia Pacific, discusses the escalating cyberthreats against industrial and critical infrastructure in a recent media briefing at the Makati Diamond Residences, Makati City.
Kaspersky Lab has raised the alarm on the escalating number of malicious attacks against Industrial Control Systems (ICS) and critical infrastructure. The global cybersecurity company warns that threats against these highly important facilities can catastrophically endanger both business networks and people’s lives.
Industrial and critical infrastructure serve as the backbones of a nation or a state. The major critical infrastructure sectors are energy, transportation, aerospace, oil and gas, chemical, automotive and manufacturing, food and beverage, government, financial and medical services.
When cybercriminals take over such ICS facilities in any of these sectors, they can use them to effectively undermine a nation’s economy, safety, peace, or all of the above.
“As more critical and industrial facilities are being automated and connected to the internet, government and private sectors should also pay attention to the cybersecurity of these vital infrastructure. These networks require tougher defenses as successful attacks against them can result to virtual and physical harm,” warns Sylvia Ng, General Manager Southeast Asia, Kaspersky Lab.
In 2015, Kaspersky Lab has unmasked the highly sophisticated Advanced Persistent Threat (APT) actor named the Equation Group which targeted diverse industrial and critical facilities.
The hacking group has been discovered to be infiltrating and spying into networks of infrastructures in sectors such as telecoms, aerospace, energy, nuclear research, oil and gas, military, nanotechnology and transportation from more than 30 countries worldwide since 2001.
In December of the same year, the successful malware attack using BlackEnergy malware resulted in the massive unscheduled power outage in Ukraine which left more than more than 230,000 residents without electricity for up to six hours .
Experts from Kaspersky Lab has found out that the BlackEnergy APT have been actively trying to control ICS, energy, government and media in Ukraine as well as ICS/SCADA companies and energy companies worldwide.
ICS Threats in the Philippines
Kaspersky Lab’s ICS-CERT Report revealed 30% or three in 10 ICS users in the Philippines were saved from malware attacks during the second half of 2016.
The report said removable media like USBs, CDs, disks and drives were the main sources of compromise for ICS networks in the country.
Kaspersky Lab’s Industrial CyberThreats Real Time Map also showed globally, the Philippines is the 46th most attacked country in terms of ICS and critical infrastructure.
“The threats against industrial and critical infrastructure are present in every country. No one is immune. The catastrophic impact of an attack against these vital facilities makes it necessary for governments and private sectors to seriously think about industrial cybersecurity. Recognizing that such threats are real is a fundamental step towards understanding how we can work to mitigate, if not completely avoid, the imminent dangers that these threats may bring about,” said Vikram Kalkat, Senior Key Account Manager, Kaspersky Industrial CyberSecurity Global Business Development, Kaspersky Lab Asia Pacific.
Kaspersky Industrial CyberSecurity
Kaspersky Lab has developed a comprehensive portfolio of technologies, solutions and services to help customers tackle and manage many of these risks.
1Equation Group: Questions and Answers (https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf)
2Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid (https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/)
“Operation technology of critical infrastructure should focus on infrastructure availability of automated systems rather than only data confidentiality. Kaspersky Lab has been improving its security portfolio and threat intelligence to secure these vital facilities. There is an urgent need for specialized solutions to combat these type of threats,” said Kalkat.
Only cybersecurity companies that understand the differences between industrial systems and standard, business-oriented enterprises are able to deliver security solutions that meet the unique needs of industrial control systems and industrial infrastructure owners.
To secure ICS and critical infrastructure, Kaspersky has developed Kaspersky Industrial CyberSecurity, a specialized security solution designed to protect complex industrial environments that contain a diverse range of proprietary systems.
This solution provides effective security at all industrial layers — including SCADA servers, HMI panels, workstations, PLCs and network connections — from cyber-threats, without impacting on operational continuity and consistency of the technological process.
Kaspersky Industrial CyberSecurity delivers a combination of protection types. It’s a highly flexible and unified security solution that can be tailored to each facility’s unique needs.
In addition to the technologies and services that support every stage of the security cycle, Kaspersky Industrial CyberSecurity delivers protection in support of integrity control, intrusion prevention and detection, anti-malware and anomaly detection, among others.
Kaspersky Lab also has its own non-commercial project called Industrial Systems Computer Emergency Response Team (known as Kaspersky Lab ICS-CERT). It is a global CERT entity that welcomes the collaboration of critical infrastructure operators, vendors and government institutions.
The Kaspersky Lab ICS-CERT is a special project that offers a wide range of information services, starting from the intelligence on the latest threats and security incidents with mitigation strategies and all the way up to incident response and investigation consultancy and services. It shares information and expertise to its members free of charge.