In the first half of the year manufacturing companies were most susceptible: ICS computers of them accounted for about one-third of all attacks, according to the Kaspersky Lab report “Threat Landscape for Industrial Automation Systems in H1 2017”. The peak of attackers’ activity was registered in March, after which the proportion of computers attacked gradually declined from April to June.
 

During the first six months of the year, Kaspersky Lab products blocked attack attempts on 37.6% of several tens of thousands of ICS computers protected of them globally. This figure was almost unchanged compared to the previous period – it is 1.6 percentage points less than in the second half of 2016.
 

Majority of them were in manufacturing companies that produce various materials, equipment and goods. Other most affected industries include engineering, education, food & beverage. ICS computers of energy companies accounted for almost 5% of all attacks.
 


 

While the top three countries with attacked industrial computers remained the same with Vietnam (71%), Algeria (67.1%) and Morocco (65.4%), researchers detected an increase in number of attacks in China (57.1%), which came fifth, according to the data released by Kaspersky Lab.
 

Also, experts discovered that the main source of threats was Internet: attempts to download malware or access known malicious or phishing web resources were blocked on 20.4% of ICS computers.
 

The reason of the high statistics for this type of infection lies in unrestricted access and connection of industrial networks to the Internet, which threatens the entire industrial infrastructure.
 

In total, in the first six months of 2017 Kaspersky Lab detected about 18,000 different modifications of malware on industrial automation systems belonging to more than 2,500 different families.
 

Ransomware Attacks
 

In the first half of the year the world has been facing the ransomware epidemic, which affected industrial enterprises as well. Based on the research of Kaspersky Lab ICS CERT, the number of unique ICS computers attacked by encryption Trojans had been increasing and tripled by June.
 

Overall, experts discovered encryption ransomware belonging to 33 different families. Most of the encryption Trojans have been distributed through spam emails, disguised as part of the business communication, with either malicious attachments or links to malware downloaders.
 

The main ransomware statistics from the H1, 2017 report include:
 

0.5% of computers in the industrial infrastructure of organizations were attacked by encryption ransomware at least once.
 

ICS computers in 63 countries across the globe were under numerous encryption ransomware attacks, the most notorious of which were WannaCry and ExPetr campaigns.
 

The WannaCry epidemic ranked highest among encryption ransomware families, with 13.4% of all computers in industrial infrastructure attacked. The most affected organizations included healthcare institutions and government sector.
 

The ExPetr was another most notorious encryption ransomware campaign of the first half of the year that attacked overall at least 50% of the companies from manufacturing, and Oil&Gas industries.
 

Top 10 most widespread encryption Trojan families include other ransomware families, such as Locky and Cerber, operating since 2016 and since that time earned the highest profit for cybercriminals.
 

“The fact that ICS computers in manufacturing companies accounted for about one third of all attacks, causes a great security concern, meaning high risks of cyberattack which could bring damages of enterprise’s industrial automation systems and serious consequences for businesses as a whole. Taking into consideration that in the first six months of the year we observed the active distribution of encryption malware, which we believe is set to continue, the probability of a destructive attack is even higher”, says Evgeny Goncharov, Head of Critical Infrastructure Defense Department, Kaspersky Lab.
 

In order to protect the ICS environment from possible cyber-attacks,Kaspersky Lab ICS CERT recommends the following:
 

Take an inventory of running network services with special emphasis on services that provide remote access to file system objects.
 

Audit ICS component access isolation, the network activity in the enterprise’s industrial network and at its boundaries, policies and practices related to using removable media and portable devices.
 

Verify the security of remote access to the industrial network, as minimum, and reduce or completely eliminate the use of remote administration tools as maximum.
 

Keep endpoint security solutions up-to-date.
 

Use advanced methods of protection: deploy tools that provide network traffic monitoring and detection of cyberattacks on industrial networks.
 

Read a summary of the Kaspersky Lab ICS CERT report for H1 2017 on Securelist.com.
 

The full report is available on Kaspersky Lab ICS CERT website


RECOMMENDED ARTICLE FOR TECHWORLD


 
NVIDIA Supersizes PC Gaming with New Breed of Big Format Gaming Displays
Techworld Date Posted: 8 January 2018 4:42 PM | 231 Views
Created in conjunction with NVIDIA hardware partners Acer, ASUS and HP, BFGDs integrate a high-end 65-inch, 4K 120Hz HDR display with NVIDIA® G-SYNC® technology together with NVIDIA SHIELDTM, the world’s most advanced streaming device.. See More
 
NVIDIA Supersizes PC Gaming with New Breed of Big Format Gaming Displays
Techworld Date Posted: 4:42 PM | 231 Views
Created in conjunction with NVIDIA hardware partners Acer, ASUS and HP, BFGDs integrate a high-end 65-inch, 4K 120Hz HDR display with NVIDIA® G-SYNC® technology together with NVIDIA SHIELDTM, the world’s most advanced streaming device.See More

 
ADATA to Showcase Its Latest Industrial and Commercial Solutions at Flash Memory Summit 2018
Techworld Date Posted: 1 August 2018 2:12 PM | 273 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, is pleased to announce that it will be at the Flash Memory Summit 2018 (Booth 714), one of the most important.... See More
 
ADATA to Showcase Its Latest Industrial and Commercial Solutions at Flash Memory Summit 2018
Techworld Date Posted: 2:12 PM | 273 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, is pleased to announce that it will be at the Flash Memory Summit 2018 (Booth 714), one of the most important...See More

 
CORSAIR Launches Full Range of Wireless Gaming Peripherals at CES 2018
Techworld Date Posted: 9 January 2018 2:18 PM | 252 Views
CORSAIR®, a world leader in enthusiast memory, PC components, and high-performance gaming hardware,. See More
 
CORSAIR Launches Full Range of Wireless Gaming Peripherals at CES 2018
Techworld Date Posted: 2:18 PM | 252 Views
CORSAIR®, a world leader in enthusiast memory, PC components, and high-performance gaming hardware,See More

 
Kingston Adds Lower 4GB and 8GB Capacities to DataTraveler 2000 Encrypted USB with Alphanumeric Keypad Acces
Techworld Date Posted: 16 August 2017 1:38 PM | 178 Views
Kingston, the independent world leader in memory products, has added 4GB and 8GB capacity sizes to its family of DataTraveler 2000�encrypted USB Flash drives. The smaller capacities join the existing 16GB, 32GB and 64GB.... See More
 
Kingston Adds Lower 4GB and 8GB Capacities to DataTraveler 2000 Encrypted USB with Alphanumeric Keypad Acces
Techworld Date Posted: 1:38 PM | 178 Views
Kingston, the independent world leader in memory products, has added 4GB and 8GB capacity sizes to its family of DataTraveler 2000�encrypted USB Flash drives. The smaller capacities join the existing 16GB, 32GB and 64GB...See More

 
Innovation Insights Defending Today’s OT Environments
Techworld Date Posted: 22 January 2018 2:27 PM | 225 Views
Operational Technology, or OT, including SCADA (supervisory control and data acquisition) and ICS (industrial control systems), is a system of hardware and software designed to monitor and/or control the physical devices, processes, and events.... See More
 
Innovation Insights Defending Today’s OT Environments
Techworld Date Posted: 2:27 PM | 225 Views
Operational Technology, or OT, including SCADA (supervisory control and data acquisition) and ICS (industrial control systems), is a system of hardware and software designed to monitor and/or control the physical devices, processes, and events...See More

 
Pascual Laboratories Partners with ePLDT, PLDT Enterprise to Address ‘Long Distance Work Relationship’
Techworld Date Posted: 25 October 2018 2:19 PM | 110 Views
ePLDT, the industry-leading enabler of digital enterprise solutions in the Philippines, and PLDT Enterprise — the B2B arm of PLDT — recently entered into a strategic engagement with one of the Philippines’ top pharmaceutical.... See More
 
Pascual Laboratories Partners with ePLDT, PLDT Enterprise to Address ‘Long Distance Work Relationship’
Techworld Date Posted: 2:19 PM | 110 Views
ePLDT, the industry-leading enabler of digital enterprise solutions in the Philippines, and PLDT Enterprise — the B2B arm of PLDT — recently entered into a strategic engagement with one of the Philippines’ top pharmaceutical...See More

 
Kaspersky Lab Uncovers Hacked Servers Used by Lazarus to Control Operations
Techworld Date Posted: 25 October 2017 1:33 PM | 269 Views
While researching the latest activities of the infamous cybercrime group Lazarus, Kaspersky Lab has uncovered a number of compromised servers being used as part of the threat actor’s global command and control infrastructure. . See More
 
Kaspersky Lab Uncovers Hacked Servers Used by Lazarus to Control Operations
Techworld Date Posted: 1:33 PM | 269 Views
While researching the latest activities of the infamous cybercrime group Lazarus, Kaspersky Lab has uncovered a number of compromised servers being used as part of the threat actor’s global command and control infrastructure. See More

 
Free Tickets or Free Malware: Kaspersky Lab Warns Against Fake Airline Promos Online
Techworld Date Posted: 9 May 2018 5:04 PM | 193 Views
Summer holidays are when most people’s penchant for travel heats up. But it’s also the time when cybercriminals trick those with wanderlust easily so Kaspersky Lab advises Filipinos to be more vigilant against airline.... See More
 
Free Tickets or Free Malware: Kaspersky Lab Warns Against Fake Airline Promos Online
Techworld Date Posted: 5:04 PM | 193 Views
Summer holidays are when most people’s penchant for travel heats up. But it’s also the time when cybercriminals trick those with wanderlust easily so Kaspersky Lab advises Filipinos to be more vigilant against airline...See More

 
Lenovo Addresses Shifting Workspace Needs
Techworld Date Posted: 23 March 2018 1:11 PM | 331 Views
Lenovo (HKSE: 992) (ADR: LNVGY), the world’s leading PC manufacturer, launched its 8th-generation Lenovo ThinkPads and ThinkStations–specifically designed to provide enhanced agility and performance to support the ever-evolving workspace spurred by millennial workers.. See More
 
Lenovo Addresses Shifting Workspace Needs
Techworld Date Posted: 1:11 PM | 331 Views
Lenovo (HKSE: 992) (ADR: LNVGY), the world’s leading PC manufacturer, launched its 8th-generation Lenovo ThinkPads and ThinkStations–specifically designed to provide enhanced agility and performance to support the ever-evolving workspace spurred by millennial workers.See More

PCBG Contributing Writer
Allu Out, GuardiaN In
Techworld • By: PCBG Contributing Writer | Date Posted: 3 August 2017 1:59 PM | 515 Views
After failing to qualify for the quarterfinals at the recent PGL Krakow Major Championship, Natus Vincere shocked many fans due to their visibly poor performance during the group stage matches. It was one of.... See More
PCBG Contributing Writer
Allu Out, GuardiaN In
Techworld • By: PCBG Contributing Writer | Date Posted: 1:59 PM | 515 Views
After failing to qualify for the quarterfinals at the recent PGL Krakow Major Championship, Natus Vincere shocked many fans due to their visibly poor performance during the group stage matches. It was one of...See More


Power by

Download Free AZ | Free Wordpress Themes