Industrial Control Systems attacks on the rise in H1 2018


According to the latest report from Kaspersky Lab, there has been a significant rise in attacks against the Industrial Control Systems (ICS) in the first half of 2018.

According to the report from Kaspersky Labs, titled “Threat Landscape for Industrial Automation Systems”, there have been over 19,400 detections from 2,800 malware in the first half of this year. To make things even more concerning, most of these attacks have not been specifically designed for ICS.

The data includes ICS protected by Kaspersky and it shows an increase of 41.2 percent, which is significantly higher than 5.0 percent increase noticed in the first half of the last year.

Geographically, most attacks were noticed in countries with low GDP, including Asia, Latin America, and North Africa, but there has also been a significant increase of 21.4 percent in the United States as well. The highest number of attacks has been registered in Vietnam, Algeria, and Morocco, while safest regions included Denmark, Ireland, and Switzerland.

The biggest source of these attacks was the Internet, where 27 percent of attacks came from web sources. While the Internet was the main source, there is a high percentage of attacks coming from removable storage media with 8.4 percent and e-mail clients with 3.8 percent.

“This pattern seems logical: modern industrial networks can hardly be considered isolated from external systems. Today, an interface between the industrial network and the corporate network is needed both to control industrial processes and to provide administration for industrial networks and systems,” report stated.

Kaspersky Lab was also keen to note that most attacks were using Trojans on Windows platform and/or web browsers.

“In H1 2018, threat actors continued to attack legitimate websites that had vulnerabilities in their web applications in order to host malware components on these websites. Notably, the increase in the percentage of ICS computers attacked through browsers in H1 2018 was due to the increase in the number of attacks that involved JavaScript cryptocurrency miners. At the same time, the increase in the number of ICS computers attacked using Microsoft Office documents was associated with waves of phishing emails, so they recommended to use other formats as pdf with pdf software from sites like that help people with this formats.”

You can check out the full report over at Kaspersky Lab.


Previous articleDeloitte shows its Managed Security Services
Next articleChoosing the right firewall for your business
Slobodan Simic is foremost an IT enthusiast who discovered his knack for writing, which lead to becoming both an IT journalist and later an Editor for a number of publications. He has been covering anything from the consumer- and professional-oriented hardware to software markets and networks. With a focus on chasing down leads, making sure that fresh content is ready for publishing, as well as keeping up with the evergrowing and evolving IT world, writing has become more of his passion rather than just a job.