By Business Reporter — MUSCAT: MAY 17 - The percentage of industrial computers under attack grew from over 17 per cent in July 2016 to more than 24 per cent in December 2016, with the top three sources of infection being the Internet, removable storage devices, and malicious e-mail attachments and scripts embedded in the body of e-mails. On average two-in-five computers, related to the technological infrastructure of industrial enterprises, faced cyberattacks in the second half of 2016. These are the findings from Kaspersky Lab’s report, the “Threat Landscape for Industrial Automation Systems in the second half of 2016.”
As the technology and corporate networks of industrial enterprises become increasingly integrated, more and more cybercriminals are turning their attention to industrial enterprises as potential targets. By exploiting vulnerabilities in the networks and software used by these enterprises, attackers could steal information related to the production process or even bring down manufacturing operations, leading to technogenic disaster.
In order to find out how widespread the threat is, Kaspersky Lab ICS CERT specialists have conducted dedicated research into the cyberthreat landscape faced by ICS systems.
They discovered that in the second half of 2016 malware downloads and access to phishing web-pages were blocked on over 22 per cent of industrial computers. This means that almost every fifth machine at least once faced the risk of infection or credential compromise via the Internet.
The desktop computers of engineers and operators working directly with ICS do not usually have direct access to the Internet due to the limitations of the technology network in which they are located. However, there are other users that have simultaneous access to the Internet and ICS. According to Kaspersky Lab research, these computers — presumably used by system and network administrators, developers and integrators of industrial automation systems and third party contractors who connect to technology networks directly or remotely — can freely connect to the Internet because they are not tied to only one industrial network with its inherent limitations.
The Internet is not the only thing that threatens the cybersecurity of ICS systems. The danger of infected removable storage devices was another threat spotted by the company’s researchers. During the period of research, 10.9 per cent of computers with ICS software installed (or connected to those that have this software) showed traces of malware when a removable device was connected to them.
Malicious e-mail attachments and scripts embedded in the body of e-mails were blocked on 8.1 per cent of industrial computers, taking third place. In most cases, attackers use phishing e-mails to attract the user’s attention and disguise malicious files. Malware was most often distributed in the format of office documents such as MS Office and PDF files. Using various techniques, the criminals made sure that people downloaded and ran malware on the industrial organisation’s computers.
Oman Observer is now on the WhatsApp channel. Click here
