In an analysis of the first half of 2018, Kaspersky Lab has found that more than 40 percent of industrial control system (ICS) computers protected by Kaspersky Lab solutions were attacked by malicious software at least once. The statistics show that this threat is rising: up from 36.61 percent in the first half of 2017, and up from 37.75 percent in the second half of that year.
Cyber attacks on industrial computers are considered to be an extremely dangerous threat as they cause material losses and production downtime for a whole system. Moreover, industrial enterprises knocked out of service can seriously undermine a region’s social welfare, ecology and macroeconomics.
The top countries by the number of ICS computers attacked in 2018 were Vietnam, where 75.1 percent of ICS computers were attacked, Algeria, with 71.6 percent and Morocco with 65 percent. As for the least attacked industrial facilities, the top three countries turned out to be Denmark with 14 percent attacked computers in industrial enterprises, followed by Ireland with 14.4 percent and Switzerland close behind, accounting for 15.9 percent.
To help protect ICS computers Kaspersky Lab ICS CERT recommends implementing the following technical measures:
- Regularly update operating systems, application software and security solutions on systems that are part of the enterprise’s industrial network.
- Restrict network traffic on ports and protocols used on edge routers and inside the organisation's OT networks.
- Audit access control for ICS components in the enterprise’s industrial network and at its boundaries.
- Deploy dedicated endpoint protection solutions on ICS servers, workstations and HMIs to secure OT and industrial infrastructure from random cyberattacks; and network traffic monitoring, analysis and detection solutions for better protection from targeted attacks.
- Provide dedicated training and support for employees as well as partners and suppliers with access to your network.