Kaspersky Report: Targeted attacks against ICS sector on the rise

January 5, 2018 – According to the Kaspersky Lab, IT Security Risks Survey[1], every fourth industrial company of over 900 surveyed faced a variety of cyberattacks in 2017. Of the evolving types of threats used by cybercriminals, one of the fastest growing types aimed at industrial organizations is targeted attacks, with 28 percent of those surveyed admitting they faced an attack in 2017, compared to 20 percent in 2016.
The survey also revealed that 48 percent ofindustrial businesses have insufficient insight into the threats specifically faced by their business. With a lack of network visibility, 87 percent of industrial companies responded affirmatively when asked if any of the informational technology/operational technology (IT/OT) security events they experienced over the previous year were complex. Given there is an unclear understanding of the threats they are facing, it’s no surprise that industrial organizations spend on average of several days (34%) to several weeks (20%) detecting a cyberattack.
Although industrial organizations lack insight and have difficultly identifying cyberattacks in their networks, they are fully aware of the need for high-quality protection against cyberthreats. In fact, 62 percent of employees at industrial companies firmly believe it’s necessary to use more sophisticated IT security software. However, software alone is not enough: almost half (49%) of industrial company respondents blame staff for not properly following IT security policies, which is 6 percent more than respondents surveyed that belong to other sectors.
“Cyberattacks on industrial control systems have become the indisputable number-one concern,” said Andrey Suvorov, head of critical infrastructure protection business development at Kaspersky Lab. “The good news is that the majority of industrial market players know which threats are coming to the forefront today and will be relevant in the near future. With this knowledge in mind, it’s critically important to implement a flexible, complex security solution that is designed to protect automated industrial environments and is configured in accordance with the technological processes of each organization.”
Due to the steady increase in complexity and number of attacks on the industrial market, the consequences of industrial organizations ignoring cybersecurity threats in 2018 could be disastrous. Cybersecurity awareness training is a must when it comes to cybersecurity in industrial organizations, given that all employees – from the administration side to the factory floor – play a key role in the safety of an enterprise and maintaining operational continuity.
The Kaspersky Lab survey findings further confirm the predictions of Kaspersky ICS CERT experts about the emergence of specific malware that will target vulnerabilities in industrial automation components this year.

Check out our free e-newsletters
to read more great articles.
MORE INDUSTRY NEWS
-
ISA announces final call for Educational Foundation Scholarship applications
University students who have potential in the field of automation should submit an application. All applications must be submitted no later than...
-
OSI to help Spanish power company enhance SCADA/Generation Management System
This system with replace an aging SCADA/GMS currently servicing the Balearic and Canary Islands, two Spanish archipelagos in the Mediterranean Sea...
-
Beckhoff Automation announces Kevin Barker as President
As the new president, Barker will oversee all sales, engineering, marketing and administrative operations from the headquarters of Beckhoff...
-
Dassault Systèmes announces acquisition of elecworks automation design software product line...
The acquisition of the elecworks assets will streamline and boost Dassault Systèmes’ development of an integrated mechatronics solution on the...
-
CyberX partners with Spire Solutions to strengthen industrial cybersecurity solutions in the...
CyberX is an industrial cybersecurity company to have been awarded a patent for its ICS-aware threat detection analytics and machine learning...
RELATED
-
Softomotive announces Softomotive’s RPA Academy online learning portal
The Softomotive Academy is designed to improve the employability quotient of professionals and developers. It provides them with the opportunity to...
-
Lean Manufacturing and the Global Digital Process Automation Market
By Thomas R. Cutler
Digital Visual Management on the manufacturing plant floor is secure by creating virtual meeting rooms for real-time, 24/7,... -
Inside the Top Causes of PLC Control System Failure
By James Davey, Boulting Technology
Despite their resilience and rugged design, PLC-based control systems can still break down and their failure... -
Network Monitoring: Passive, Active or Both
By Zane Blomgren, Tripwire
There is little doubt that the need for OT operators to adapt to stronger cyber security postures is getting... -
Making the IoT Work for Test
By Mike Santori, National Instruments
The IoT and IIoT are making test more complex. IoT technologies can help address automated test challenges....