Industrial Control Systems Suffer Rising Cyberattacks – Kaspersky Lab

Security experts at Kaspersky Lab have warned about the scale of cyber attacks against Industrial Control System (ICS) computers around the world

It said that in the second half of 2018, almost one in two ICS computer had been impacted by malicious cyber activity, the firm warned.

It comes after Norwegian manufacturing firm Norsk Hydro admitted it had lost more than $40m, in the week following a ransomware attack that crippled large parts of its control systems for its plants around the world.

ICS attacks

Cyber attacks against ICS computers are considered extremely dangerous, as they potentially cause material losses and production downtime in the operation of industrial facilities.

In 2014 for example, a blast furnace at a steelworks in Germany was badly damaged by a cyber attack. That attack resulted in “massive damage to machinery” at the unnamed German steel mill.

Researchers have previously warned that security weaknesses in industrial control systems could allow hackers to create cataclysmic failures in infrastructure.

Countries such as the United States has already passed legislation that would protect its electricity grid from cyber attacks.

But Kaspersky Lab warned in a new ICS CERT report that during 2018, the share of ICS computers that experienced such activities grew to 47.2 percent from 44 percent in 2017. This, it said, demonstrates the increasing threat to ICS computers.

The firm said that in 2018, it detected and prevented activity by malicious objects on almost half of Industrial Control System (ICS) computers protected by its products.

It said that the most affected countries were Vietnam (70.09 percent), Algeria (69.91 percent), and Tunisia (64.57 percent).

The least impacted nations were Ireland (11.7 percent), Switzerland (14.9 percent), and Denmark (15.2 percent).

“Despite the common myth, the main source of threat to industrial computers is not a targeted attack, but mass-distributed malware that gets into industrial systems by accident, over the internet, through removable media such as USB-sticks, or emails,” said Kirill Kruglov, security researcher at Kaspersky Lab ICS CERT.

“However, the fact that the attacks are successful because of a casual attitude to cybersecurity hygiene among employees means that they can potentially be prevented by staff training and awareness – this is much easier than trying to stop determined threat actors,” Kruglov added.

To help combat this, Kaspersky Lab ICS CERT recommends regularly updating operating systems, application software on systems that are part of the enterprise’s industrial network.

Security fixes, when available, should be applied; and firms should restrict network traffic on ports and protocols used on edge routers and inside the organisation’s OT networks.

Other recommendations includes regular audits, the installation of endpoint protection solutions; and provide dedicated training and support for staff.

Industrial threat

The threat to industrial systems should not be underestimated.

In 2017 US authorities warned of ongoing online attacks on critical sectors such as government, energy and manufacturing that “in some cases” have successfully compromised targets’ networks.

That same year the National Cyber Security Centre (NCSC) acknowledged it was investigating a broad wave of attacks on companies in the British energy and manufacturing sectors which were “likely” to have compromised some industrial control systems.

In 2016 a German nuclear power plant in Bavaria admitted that its systems were riddled with malware, and the plant was shut down as a precaution.

In 2015 a hacker managed to hack into the systems of a nuclear power plant in South Korea. A computer worm was later discovered in a device connected to the control system, but the plant operator insisted that the breach had not reached the reactor controls itself.

Do you know all about security? Try our quiz!