In the first half of the year manufacturing companies were most susceptible: ICS computers of them accounted for about one-third of all attacks, according to the Kaspersky Lab report “Threat Landscape for Industrial Automation Systems in H1 2017”. The peak of attackers’ activity was registered in March, after which the proportion of computers attacked gradually declined from April to June.
 

During the first six months of the year, Kaspersky Lab products blocked attack attempts on 37.6% of several tens of thousands of ICS computers protected of them globally. This figure was almost unchanged compared to the previous period – it is 1.6 percentage points less than in the second half of 2016.
 

Majority of them were in manufacturing companies that produce various materials, equipment and goods. Other most affected industries include engineering, education, food & beverage. ICS computers of energy companies accounted for almost 5% of all attacks.
 


 

While the top three countries with attacked industrial computers remained the same with Vietnam (71%), Algeria (67.1%) and Morocco (65.4%), researchers detected an increase in number of attacks in China (57.1%), which came fifth, according to the data released by Kaspersky Lab.
 

Also, experts discovered that the main source of threats was Internet: attempts to download malware or access known malicious or phishing web resources were blocked on 20.4% of ICS computers.
 

The reason of the high statistics for this type of infection lies in unrestricted access and connection of industrial networks to the Internet, which threatens the entire industrial infrastructure.
 

In total, in the first six months of 2017 Kaspersky Lab detected about 18,000 different modifications of malware on industrial automation systems belonging to more than 2,500 different families.
 

Ransomware Attacks
 

In the first half of the year the world has been facing the ransomware epidemic, which affected industrial enterprises as well. Based on the research of Kaspersky Lab ICS CERT, the number of unique ICS computers attacked by encryption Trojans had been increasing and tripled by June.
 

Overall, experts discovered encryption ransomware belonging to 33 different families. Most of the encryption Trojans have been distributed through spam emails, disguised as part of the business communication, with either malicious attachments or links to malware downloaders.
 

The main ransomware statistics from the H1, 2017 report include:
 

0.5% of computers in the industrial infrastructure of organizations were attacked by encryption ransomware at least once.
 

ICS computers in 63 countries across the globe were under numerous encryption ransomware attacks, the most notorious of which were WannaCry and ExPetr campaigns.
 

The WannaCry epidemic ranked highest among encryption ransomware families, with 13.4% of all computers in industrial infrastructure attacked. The most affected organizations included healthcare institutions and government sector.
 

The ExPetr was another most notorious encryption ransomware campaign of the first half of the year that attacked overall at least 50% of the companies from manufacturing, and Oil&Gas industries.
 

Top 10 most widespread encryption Trojan families include other ransomware families, such as Locky and Cerber, operating since 2016 and since that time earned the highest profit for cybercriminals.
 

“The fact that ICS computers in manufacturing companies accounted for about one third of all attacks, causes a great security concern, meaning high risks of cyberattack which could bring damages of enterprise’s industrial automation systems and serious consequences for businesses as a whole. Taking into consideration that in the first six months of the year we observed the active distribution of encryption malware, which we believe is set to continue, the probability of a destructive attack is even higher”, says Evgeny Goncharov, Head of Critical Infrastructure Defense Department, Kaspersky Lab.
 

In order to protect the ICS environment from possible cyber-attacks,Kaspersky Lab ICS CERT recommends the following:
 

Take an inventory of running network services with special emphasis on services that provide remote access to file system objects.
 

Audit ICS component access isolation, the network activity in the enterprise’s industrial network and at its boundaries, policies and practices related to using removable media and portable devices.
 

Verify the security of remote access to the industrial network, as minimum, and reduce or completely eliminate the use of remote administration tools as maximum.
 

Keep endpoint security solutions up-to-date.
 

Use advanced methods of protection: deploy tools that provide network traffic monitoring and detection of cyberattacks on industrial networks.
 

Read a summary of the Kaspersky Lab ICS CERT report for H1 2017 on Securelist.com.
 

The full report is available on Kaspersky Lab ICS CERT website


RECOMMENDED ARTICLE FOR TECHWORLD


 
D-Link’s Enhanced Wi-Fi Gigabit Routers, Security Cameras Deliver Improved Connectivity, Security
Techworld Date Posted: 20 March 2018 5:05 PM | 706 Views
Manila, Philippines – D-Link, one of the world’s biggest suppliers of home networking products, matches the growing demand for high-speed connectivity and improved home security with enhanced Wi-Fi gigabit routers and security cameras.. See More
 
D-Link’s Enhanced Wi-Fi Gigabit Routers, Security Cameras Deliver Improved Connectivity, Security
Techworld Date Posted: 5:05 PM | 706 Views
Manila, Philippines – D-Link, one of the world’s biggest suppliers of home networking products, matches the growing demand for high-speed connectivity and improved home security with enhanced Wi-Fi gigabit routers and security cameras.See More

 
SkyPixel And DJI Launch The 2017 SkyPixel Photo Story Competition
Techworld Date Posted: 27 October 2017 2:24 PM | 53 Views
SkyPixel, the world’s most popular aerial photography community, in cooperation with DJI, announced the 2017 SkyPixel Photo Contest.. See More
 
SkyPixel And DJI Launch The 2017 SkyPixel Photo Story Competition
Techworld Date Posted: 2:24 PM | 53 Views
SkyPixel, the world’s most popular aerial photography community, in cooperation with DJI, announced the 2017 SkyPixel Photo Contest.See More

 
ZooPark: New Android-Based Malware Campaign Spreading through Compromised Legitimate Websites
Techworld Date Posted: 16 May 2018 11:31 AM | 42 Views
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which for several years has been targeting users of Android devices based in several Middle Eastern countries.. See More
 
ZooPark: New Android-Based Malware Campaign Spreading through Compromised Legitimate Websites
Techworld Date Posted: 11:31 AM | 42 Views
Kaspersky Lab researchers have discovered ZooPark, a sophisticated cyberespionage campaign, which for several years has been targeting users of Android devices based in several Middle Eastern countries.See More

 
Kaspersky Index in H2 2016: People are Becoming more Cyber Savvy
Techworld Date Posted: 8 May 2017 11:06 AM | 403 Views
Kaspersky Lab has updated its Kaspersky Cybersecurity Index, a set of indicators that allow the evaluation of the level of risk for Internet users worldwide. The Index for the second half of 2016 demonstrates.... See More
 
Kaspersky Index in H2 2016: People are Becoming more Cyber Savvy
Techworld Date Posted: 11:06 AM | 403 Views
Kaspersky Lab has updated its Kaspersky Cybersecurity Index, a set of indicators that allow the evaluation of the level of risk for Internet users worldwide. The Index for the second half of 2016 demonstrates...See More

 
ViewSonic to Showcase XG Series of Gaming Monitors at ESGS 2017
Techworld Date Posted: 25 October 2017 2:32 PM | 53 Views
ViewSonic Corp., a leading global provider of visual solution products, today announced it will be exhibiting its latest gaming monitors at the Electronic Sports and Gaming Summit (ESGS) 2017,. See More
 
ViewSonic to Showcase XG Series of Gaming Monitors at ESGS 2017
Techworld Date Posted: 2:32 PM | 53 Views
ViewSonic Corp., a leading global provider of visual solution products, today announced it will be exhibiting its latest gaming monitors at the Electronic Sports and Gaming Summit (ESGS) 2017,See More

 
Go Deeper into the Void – CORSAIR Announces New Lineup of VOID PRO Gaming Headsets
Techworld Date Posted: 23 August 2017 11:33 AM | 55 Views
CORSAIR, a world leader in enthusiast memory, PC components and high-performance gaming hardware, today announced the release of its new range of VOID PRO gaming headsets. When you're deep in the game and sound.... See More
 
Go Deeper into the Void – CORSAIR Announces New Lineup of VOID PRO Gaming Headsets
Techworld Date Posted: 11:33 AM | 55 Views
CORSAIR, a world leader in enthusiast memory, PC components and high-performance gaming hardware, today announced the release of its new range of VOID PRO gaming headsets. When you're deep in the game and sound...See More

 
Youth Congress for IT Harnesses the Boundless Potential of Technology and the Youth with AWS Educate
Techworld Date Posted: 21 September 2018 3:46 PM | 331 Views
The 16th Youth Congress for Information Technology (Y4IT), an enabling event recognizing young Filipinos as key drivers of the IT industry’s continued advancement, is set to happen on September 24 to 26, 2018 at.... See More
 
Youth Congress for IT Harnesses the Boundless Potential of Technology and the Youth with AWS Educate
Techworld Date Posted: 3:46 PM | 331 Views
The 16th Youth Congress for Information Technology (Y4IT), an enabling event recognizing young Filipinos as key drivers of the IT industry’s continued advancement, is set to happen on September 24 to 26, 2018 at...See More

 
HyperX Reveals Licensed Headset for PlayStation®4 at ESGS for the First Time in Philippines
Techworld Date Posted: 26 October 2018 4:15 PM | 46 Views
HyperX, the gaming division of Kingston Technology, joins ESGS at the SMX Convention Center, Pasay City in Philippines from October 26th to 28th.. See More
 
HyperX Reveals Licensed Headset for PlayStation®4 at ESGS for the First Time in Philippines
Techworld Date Posted: 4:15 PM | 46 Views
HyperX, the gaming division of Kingston Technology, joins ESGS at the SMX Convention Center, Pasay City in Philippines from October 26th to 28th.See More

 
10 Years in the Making: NVIDIA® Brings Real-Time Ray Tracing to Gamers with GeForce® RTX™
Techworld Date Posted: 22 August 2018 2:04 PM | 78 Views
NVIDIA® has unveiled the GeForce® RTX™ series, the first gaming GPUs based on the new NVIDIA® Turing™ architecture and the NVIDIA® RTX™ platform, which fuses next-generation shaders with real-time ray tracing and all-new AI.... See More
 
10 Years in the Making: NVIDIA® Brings Real-Time Ray Tracing to Gamers with GeForce® RTX™
Techworld Date Posted: 2:04 PM | 78 Views
NVIDIA® has unveiled the GeForce® RTX™ series, the first gaming GPUs based on the new NVIDIA® Turing™ architecture and the NVIDIA® RTX™ platform, which fuses next-generation shaders with real-time ray tracing and all-new AI...See More

 
HMD Global, Chicago Bulls Power Forward Lauri Markkanen Ink Long-Term Partnership
Techworld Date Posted: 23 January 2018 4:41 PM | 361 Views
HMD Global has signed a long-term co-operation agreement with Finnish NBA player Lauri Markkanen, who is playing his first season in the NBA as power forward for the Chicago Bulls.. See More
 
HMD Global, Chicago Bulls Power Forward Lauri Markkanen Ink Long-Term Partnership
Techworld Date Posted: 4:41 PM | 361 Views
HMD Global has signed a long-term co-operation agreement with Finnish NBA player Lauri Markkanen, who is playing his first season in the NBA as power forward for the Chicago Bulls.See More


Power by

Download Free AZ | Free Wordpress Themes