In the first half of the year manufacturing companies were most susceptible: ICS computers of them accounted for about one-third of all attacks, according to the Kaspersky Lab report “Threat Landscape for Industrial Automation Systems in H1 2017”. The peak of attackers’ activity was registered in March, after which the proportion of computers attacked gradually declined from April to June.
 

During the first six months of the year, Kaspersky Lab products blocked attack attempts on 37.6% of several tens of thousands of ICS computers protected of them globally. This figure was almost unchanged compared to the previous period – it is 1.6 percentage points less than in the second half of 2016.
 

Majority of them were in manufacturing companies that produce various materials, equipment and goods. Other most affected industries include engineering, education, food & beverage. ICS computers of energy companies accounted for almost 5% of all attacks.
 


 

While the top three countries with attacked industrial computers remained the same with Vietnam (71%), Algeria (67.1%) and Morocco (65.4%), researchers detected an increase in number of attacks in China (57.1%), which came fifth, according to the data released by Kaspersky Lab.
 

Also, experts discovered that the main source of threats was Internet: attempts to download malware or access known malicious or phishing web resources were blocked on 20.4% of ICS computers.
 

The reason of the high statistics for this type of infection lies in unrestricted access and connection of industrial networks to the Internet, which threatens the entire industrial infrastructure.
 

In total, in the first six months of 2017 Kaspersky Lab detected about 18,000 different modifications of malware on industrial automation systems belonging to more than 2,500 different families.
 

Ransomware Attacks
 

In the first half of the year the world has been facing the ransomware epidemic, which affected industrial enterprises as well. Based on the research of Kaspersky Lab ICS CERT, the number of unique ICS computers attacked by encryption Trojans had been increasing and tripled by June.
 

Overall, experts discovered encryption ransomware belonging to 33 different families. Most of the encryption Trojans have been distributed through spam emails, disguised as part of the business communication, with either malicious attachments or links to malware downloaders.
 

The main ransomware statistics from the H1, 2017 report include:
 

0.5% of computers in the industrial infrastructure of organizations were attacked by encryption ransomware at least once.
 

ICS computers in 63 countries across the globe were under numerous encryption ransomware attacks, the most notorious of which were WannaCry and ExPetr campaigns.
 

The WannaCry epidemic ranked highest among encryption ransomware families, with 13.4% of all computers in industrial infrastructure attacked. The most affected organizations included healthcare institutions and government sector.
 

The ExPetr was another most notorious encryption ransomware campaign of the first half of the year that attacked overall at least 50% of the companies from manufacturing, and Oil&Gas industries.
 

Top 10 most widespread encryption Trojan families include other ransomware families, such as Locky and Cerber, operating since 2016 and since that time earned the highest profit for cybercriminals.
 

“The fact that ICS computers in manufacturing companies accounted for about one third of all attacks, causes a great security concern, meaning high risks of cyberattack which could bring damages of enterprise’s industrial automation systems and serious consequences for businesses as a whole. Taking into consideration that in the first six months of the year we observed the active distribution of encryption malware, which we believe is set to continue, the probability of a destructive attack is even higher”, says Evgeny Goncharov, Head of Critical Infrastructure Defense Department, Kaspersky Lab.
 

In order to protect the ICS environment from possible cyber-attacks,Kaspersky Lab ICS CERT recommends the following:
 

Take an inventory of running network services with special emphasis on services that provide remote access to file system objects.
 

Audit ICS component access isolation, the network activity in the enterprise’s industrial network and at its boundaries, policies and practices related to using removable media and portable devices.
 

Verify the security of remote access to the industrial network, as minimum, and reduce or completely eliminate the use of remote administration tools as maximum.
 

Keep endpoint security solutions up-to-date.
 

Use advanced methods of protection: deploy tools that provide network traffic monitoring and detection of cyberattacks on industrial networks.
 

Read a summary of the Kaspersky Lab ICS CERT report for H1 2017 on Securelist.com.
 

The full report is available on Kaspersky Lab ICS CERT website


RECOMMENDED ARTICLE FOR TECHWORLD


 
Chafer Cyberespionage Group Targets Embassies with Updated Homebrew Spyware
Techworld Date Posted: 7 February 2019 2:07 PM | 113 Views
Kaspersky Lab researchers have detected multiple attempts to infect foreign diplomatic entities in Iran with homebrew spyware. The attacks appear to be using an updated Remexi backdoor. Several legitimate tools were also used during.... See More
 
Chafer Cyberespionage Group Targets Embassies with Updated Homebrew Spyware
Techworld Date Posted: 2:07 PM | 113 Views
Kaspersky Lab researchers have detected multiple attempts to infect foreign diplomatic entities in Iran with homebrew spyware. The attacks appear to be using an updated Remexi backdoor. Several legitimate tools were also used during...See More

 
Get Free Globe Home Wi-Fi with Every Purchase of Selected Lenovo Devices
Techworld Date Posted: 26 September 2018 3:55 PM | 187 Views
As we gear up for the holidays, leading PC developer Lenovo and leading telecommunications provider Globe Telecom team up for an always-connected “Ber” season in a promo.. See More
 
Get Free Globe Home Wi-Fi with Every Purchase of Selected Lenovo Devices
Techworld Date Posted: 3:55 PM | 187 Views
As we gear up for the holidays, leading PC developer Lenovo and leading telecommunications provider Globe Telecom team up for an always-connected “Ber” season in a promo.See More

 
Akamai Agrees to Acquire Nominum
Techworld Date Posted: 17 October 2017 1:21 PM | 364 Views
Akamai Technologies, Inc. (NASDAQ: AKAM) today announced the company has entered into an agreement to acquire Nominum, a market leader in DNS and enterprise security solutions for carriers.. See More
 
Akamai Agrees to Acquire Nominum
Techworld Date Posted: 1:21 PM | 364 Views
Akamai Technologies, Inc. (NASDAQ: AKAM) today announced the company has entered into an agreement to acquire Nominum, a market leader in DNS and enterprise security solutions for carriers.See More

 
SECURITY AT YOUR FINGERTIPS: Kaspersky Lab Launches On-Demand Security Service in PH
Techworld Date Posted: 15 March 2019 8:54 AM | 72 Views
Kaspersky Lab has announced its on-demand service, which allows internet users in the Philippines to secure their devices on a weekly or monthly basis, for as little as 10 to 30 pesos for seven.... See More
 
SECURITY AT YOUR FINGERTIPS: Kaspersky Lab Launches On-Demand Security Service in PH
Techworld Date Posted: 8:54 AM | 72 Views
Kaspersky Lab has announced its on-demand service, which allows internet users in the Philippines to secure their devices on a weekly or monthly basis, for as little as 10 to 30 pesos for seven...See More

 
Clean Machines: Startup’s Bots Sweep Up Corporate Campuses
Techworld Date Posted: 4 March 2019 3:49 PM | 74 Views
Gregg Ratanaphanyarat and Dawei Ding joined the ranks of college dropouts in 2016, leaving Penn State to launch a robotics startup for outdoor cleaning.. See More
 
Clean Machines: Startup’s Bots Sweep Up Corporate Campuses
Techworld Date Posted: 3:49 PM | 74 Views
Gregg Ratanaphanyarat and Dawei Ding joined the ranks of college dropouts in 2016, leaving Penn State to launch a robotics startup for outdoor cleaning.See More

 
ADATA to Showcase Its Latest Innovations at IFA 2018
Techworld Date Posted: 23 August 2018 2:03 PM | 364 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND flash products, has announced that it will be showcasing its latest products and solutions at IFA 2018 in Berlin. Among the products to.... See More
 
ADATA to Showcase Its Latest Innovations at IFA 2018
Techworld Date Posted: 2:03 PM | 364 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND flash products, has announced that it will be showcasing its latest products and solutions at IFA 2018 in Berlin. Among the products to...See More

 
Lax Security Leaves Car Sharing Apps Vulnerable to Attack
Techworld Date Posted: 2 August 2018 1:33 PM | 534 Views
Kaspersky Lab researchers have examined the security of 13 car sharing applications from household manufacturers across the globe – including those from Russia, the US, and Europe.. See More
 
Lax Security Leaves Car Sharing Apps Vulnerable to Attack
Techworld Date Posted: 1:33 PM | 534 Views
Kaspersky Lab researchers have examined the security of 13 car sharing applications from household manufacturers across the globe – including those from Russia, the US, and Europe.See More

 
Fake Facebook Sites Account for 60% of Social Network Phishing in Early 2018
Techworld Date Posted: 24 May 2018 1:32 PM | 240 Views
In the first quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented more than 3.6 million attempts to visit fraudulent social network pages, of which 60% were fake Facebook pages. The results, according to Kaspersky.... See More
 
Fake Facebook Sites Account for 60% of Social Network Phishing in Early 2018
Techworld Date Posted: 1:32 PM | 240 Views
In the first quarter of 2018, Kaspersky Lab’s anti-phishing technologies prevented more than 3.6 million attempts to visit fraudulent social network pages, of which 60% were fake Facebook pages. The results, according to Kaspersky...See More

 
Kaspersky Lab Bags Two Wins At Networks Asia Information Management Awards 2018
Techworld Date Posted: 11 June 2018 4:19 PM | 474 Views
(From left) Jesmond Chang, Head of Corporate Communications for Kaspersky Lab APAC, receives the award from Nikolay Novozhilov, Head of Digital Products at NTUC Link   Kaspersky Lab announced its win of two cybersecurity.... See More
 
Kaspersky Lab Bags Two Wins At Networks Asia Information Management Awards 2018
Techworld Date Posted: 4:19 PM | 474 Views
(From left) Jesmond Chang, Head of Corporate Communications for Kaspersky Lab APAC, receives the award from Nikolay Novozhilov, Head of Digital Products at NTUC Link   Kaspersky Lab announced its win of two cybersecurity...See More

 
F5 Named a WAF Leader by Independent Research Firm
Techworld Date Posted: 5 September 2018 3:35 PM | 117 Views
F5 Networks (NASDAQ: FFIV) just announced that it has been named a Leader in the Forrester Wave™: Web Application Firewalls, Q2 2018 report, published June 25, 2018. . See More
 
F5 Named a WAF Leader by Independent Research Firm
Techworld Date Posted: 3:35 PM | 117 Views
F5 Networks (NASDAQ: FFIV) just announced that it has been named a Leader in the Forrester Wave™: Web Application Firewalls, Q2 2018 report, published June 25, 2018. See More


Power by

Download Free AZ | Free Wordpress Themes