In the first half of the year manufacturing companies were most susceptible: ICS computers of them accounted for about one-third of all attacks, according to the Kaspersky Lab report “Threat Landscape for Industrial Automation Systems in H1 2017”. The peak of attackers’ activity was registered in March, after which the proportion of computers attacked gradually declined from April to June.
 

During the first six months of the year, Kaspersky Lab products blocked attack attempts on 37.6% of several tens of thousands of ICS computers protected of them globally. This figure was almost unchanged compared to the previous period – it is 1.6 percentage points less than in the second half of 2016.
 

Majority of them were in manufacturing companies that produce various materials, equipment and goods. Other most affected industries include engineering, education, food & beverage. ICS computers of energy companies accounted for almost 5% of all attacks.
 


 

While the top three countries with attacked industrial computers remained the same with Vietnam (71%), Algeria (67.1%) and Morocco (65.4%), researchers detected an increase in number of attacks in China (57.1%), which came fifth, according to the data released by Kaspersky Lab.
 

Also, experts discovered that the main source of threats was Internet: attempts to download malware or access known malicious or phishing web resources were blocked on 20.4% of ICS computers.
 

The reason of the high statistics for this type of infection lies in unrestricted access and connection of industrial networks to the Internet, which threatens the entire industrial infrastructure.
 

In total, in the first six months of 2017 Kaspersky Lab detected about 18,000 different modifications of malware on industrial automation systems belonging to more than 2,500 different families.
 

Ransomware Attacks
 

In the first half of the year the world has been facing the ransomware epidemic, which affected industrial enterprises as well. Based on the research of Kaspersky Lab ICS CERT, the number of unique ICS computers attacked by encryption Trojans had been increasing and tripled by June.
 

Overall, experts discovered encryption ransomware belonging to 33 different families. Most of the encryption Trojans have been distributed through spam emails, disguised as part of the business communication, with either malicious attachments or links to malware downloaders.
 

The main ransomware statistics from the H1, 2017 report include:
 

0.5% of computers in the industrial infrastructure of organizations were attacked by encryption ransomware at least once.
 

ICS computers in 63 countries across the globe were under numerous encryption ransomware attacks, the most notorious of which were WannaCry and ExPetr campaigns.
 

The WannaCry epidemic ranked highest among encryption ransomware families, with 13.4% of all computers in industrial infrastructure attacked. The most affected organizations included healthcare institutions and government sector.
 

The ExPetr was another most notorious encryption ransomware campaign of the first half of the year that attacked overall at least 50% of the companies from manufacturing, and Oil&Gas industries.
 

Top 10 most widespread encryption Trojan families include other ransomware families, such as Locky and Cerber, operating since 2016 and since that time earned the highest profit for cybercriminals.
 

“The fact that ICS computers in manufacturing companies accounted for about one third of all attacks, causes a great security concern, meaning high risks of cyberattack which could bring damages of enterprise’s industrial automation systems and serious consequences for businesses as a whole. Taking into consideration that in the first six months of the year we observed the active distribution of encryption malware, which we believe is set to continue, the probability of a destructive attack is even higher”, says Evgeny Goncharov, Head of Critical Infrastructure Defense Department, Kaspersky Lab.
 

In order to protect the ICS environment from possible cyber-attacks,Kaspersky Lab ICS CERT recommends the following:
 

Take an inventory of running network services with special emphasis on services that provide remote access to file system objects.
 

Audit ICS component access isolation, the network activity in the enterprise’s industrial network and at its boundaries, policies and practices related to using removable media and portable devices.
 

Verify the security of remote access to the industrial network, as minimum, and reduce or completely eliminate the use of remote administration tools as maximum.
 

Keep endpoint security solutions up-to-date.
 

Use advanced methods of protection: deploy tools that provide network traffic monitoring and detection of cyberattacks on industrial networks.
 

Read a summary of the Kaspersky Lab ICS CERT report for H1 2017 on Securelist.com.
 

The full report is available on Kaspersky Lab ICS CERT website


RECOMMENDED ARTICLE FOR TECHWORLD


 
Akamai Agrees to Acquire Nominum
Techworld Date Posted: 17 October 2017 1:21 PM | 472 Views
Akamai Technologies, Inc. (NASDAQ: AKAM) today announced the company has entered into an agreement to acquire Nominum, a market leader in DNS and enterprise security solutions for carriers.. See More
 
Akamai Agrees to Acquire Nominum
Techworld Date Posted: 1:21 PM | 472 Views
Akamai Technologies, Inc. (NASDAQ: AKAM) today announced the company has entered into an agreement to acquire Nominum, a market leader in DNS and enterprise security solutions for carriers.See More

 
MTECH 2018 Rides on ‘A New Wave of Disruption’
Techworld Date Posted: 11 December 2018 2:07 PM | 58 Views
Since its first staging in 2015, the Meralco Technology and Innovation Summit (MTECH) has provided a venue for its employees and industry stakeholders to learn and experience new technologies relevant to utilities, and more.... See More
 
MTECH 2018 Rides on ‘A New Wave of Disruption’
Techworld Date Posted: 2:07 PM | 58 Views
Since its first staging in 2015, the Meralco Technology and Innovation Summit (MTECH) has provided a venue for its employees and industry stakeholders to learn and experience new technologies relevant to utilities, and more...See More

 
F5 Delivers Application Services for a Multi-Cloud World
Techworld Date Posted: 12 July 2017 2:12 PM | 13 Views
MANILA, PHILIPPINES – F5 Networks (NASDAQ: FFIV) announces the availability of offerings designed to provide consistent application services in multi-cloud environments—giving companies greater deployment flexibility, more effective security, and faster time to market.. See More
 
F5 Delivers Application Services for a Multi-Cloud World
Techworld Date Posted: 2:12 PM | 13 Views
MANILA, PHILIPPINES – F5 Networks (NASDAQ: FFIV) announces the availability of offerings designed to provide consistent application services in multi-cloud environments—giving companies greater deployment flexibility, more effective security, and faster time to market.See More

 
Lenovo Launches the New Power-Packed Lenovo K8 Note and Lenovo K8 Plus Smartphones
Techworld Date Posted: 9 November 2017 1:40 PM | 19 Views
Lenovo continues to offer Filipinos unmatched premium mobile experience at a pocket friendly price with the all-new additions to its K series of devices, the Lenovo K8 Note and Lenovo K8 Plus.. See More
 
Lenovo Launches the New Power-Packed Lenovo K8 Note and Lenovo K8 Plus Smartphones
Techworld Date Posted: 1:40 PM | 19 Views
Lenovo continues to offer Filipinos unmatched premium mobile experience at a pocket friendly price with the all-new additions to its K series of devices, the Lenovo K8 Note and Lenovo K8 Plus.See More

 
Move Your SSD into the Fast Lane – CORSAIR Launches the Neutron NX500 NVMe PCIe SSD AIC
Techworld Date Posted: 11 August 2017 2:17 PM | 342 Views
  components, today announced the launch of the CORSAIR Neutron NX500 NVMe PCIe SSD AIC. The NX500 boasts performance up to five times faster than traditional SATA 3.0 SSDs, connecting to your system via.... See More
 
Move Your SSD into the Fast Lane – CORSAIR Launches the Neutron NX500 NVMe PCIe SSD AIC
Techworld Date Posted: 2:17 PM | 342 Views
  components, today announced the launch of the CORSAIR Neutron NX500 NVMe PCIe SSD AIC. The NX500 boasts performance up to five times faster than traditional SATA 3.0 SSDs, connecting to your system via...See More

 
Nokia 8 Takes Its First Bite of Oreo™
Techworld Date Posted: 28 November 2017 10:24 AM | 22 Views
HMD Global, the home of Nokia phones, is excited to announce that Android™ 8.0 Oreo™ is now available for the Nokia 8. . See More
 
Nokia 8 Takes Its First Bite of Oreo™
Techworld Date Posted: 10:24 AM | 22 Views
HMD Global, the home of Nokia phones, is excited to announce that Android™ 8.0 Oreo™ is now available for the Nokia 8. See More

 
Cryptojacking Skyrockets to the Top of the Attacker Toolkit, Signaling Massive Threat to Cyber and Personal Security
Techworld Date Posted: 11 April 2018 5:01 PM | 18 Views
  Cyber criminals are rapidly adding cryptojacking to their arsenal and creating a highly profitable new revenue stream, as the ransomware market becomes overpriced and overcrowded, according to Symantec’s (Nasdaq: SYMC) Internet Security Threat.... See More
 
Cryptojacking Skyrockets to the Top of the Attacker Toolkit, Signaling Massive Threat to Cyber and Personal Security
Techworld Date Posted: 5:01 PM | 18 Views
  Cyber criminals are rapidly adding cryptojacking to their arsenal and creating a highly profitable new revenue stream, as the ransomware market becomes overpriced and overcrowded, according to Symantec’s (Nasdaq: SYMC) Internet Security Threat...See More

 
PLDT and Smart Ring in Christmas with ‘Holideals,’ Their Biggest Holiday Sale Yet
Techworld Date Posted: 16 November 2018 3:27 PM | 24 Views
Brace yourself as leading digital services provider PLDT Inc. and its mobile arm Smart Communications, Inc. are ushering in the Christmas season with the first ever ‘Holideals,’ their biggest holiday blow-out yet. See More
 
PLDT and Smart Ring in Christmas with ‘Holideals,’ Their Biggest Holiday Sale Yet
Techworld Date Posted: 3:27 PM | 24 Views
Brace yourself as leading digital services provider PLDT Inc. and its mobile arm Smart Communications, Inc. are ushering in the Christmas season with the first ever ‘Holideals,’ their biggest holiday blow-out yetSee More

 
Apacer Launches the AH336 and AC233 in Partnership with P714
Techworld Date Posted: 3 November 2017 10:45 AM | 482 Views
When pursuing a dream, we all need the support and company of friends. Apacer partnered with P714, a Taiwanese illustration brand famous for their heartwarming, adorable designs, in creating 3 special edition flash drives.... See More
 
Apacer Launches the AH336 and AC233 in Partnership with P714
Techworld Date Posted: 10:45 AM | 482 Views
When pursuing a dream, we all need the support and company of friends. Apacer partnered with P714, a Taiwanese illustration brand famous for their heartwarming, adorable designs, in creating 3 special edition flash drives...See More

 
Latest Nokia Smartphones Now in the Android Recommended Programme
Techworld Date Posted: 25 May 2019 5:10 PM | 65 Views
HMD Global, the home of Nokia phones, has announced that it now offers the largest and most-diverse range of “best-in-business” smartphones on Android™ with the addition of three new devices. The Nokia 9 PureView,.... See More
 
Latest Nokia Smartphones Now in the Android Recommended Programme
Techworld Date Posted: 5:10 PM | 65 Views
HMD Global, the home of Nokia phones, has announced that it now offers the largest and most-diverse range of “best-in-business” smartphones on Android™ with the addition of three new devices. The Nokia 9 PureView,...See More


Power by

Download Free AZ | Free Wordpress Themes