In 2018, Kaspersky Lab detected and prevented activity by malicous objects on almost half of Industrial Control System (ICS) computers protected by the company’s products and defined as part of an organization’s industrial infrastructure. The most affected countries were Vietnam, Algeria and Tunisia. These are some of the main findings of the Kaspersky Lab ICS CERT report on the industrial threat landscape in H2 2018.
Malicous cyber activities on ICS computers are considered an extremely dangerous threat as they could potentially cause material losses and production downtime in the operation of industrial facilities.
In 2018, the share of ICS computers that experienced such activities grew to 47.2% from 44% in 2017, indicating that the threat is rising.
According to the new report, the top-3 countries in terms of the percentage of ICS computers on which Kaspersky Lab prevented malicious activity were the following: Vietnam (70.09%), Algeria (69.91%), and Tunisia (64.57%). The least impacted nations were Ireland (11.7%), Switzerland (14.9%), and Denmark (15.2%).
“Despite the common myth, the main source of threat to industrial computers is not a targeted attack, but mass-distributed malware that gets into industrial systems by accident, over the internet, through removable media such as USB-sticks, or e-mails. However, the fact that the attacks are successful because of a casual attitude to cybersecurity hygiene among employees means that they can potentially be prevented by staff training and awareness – this is much easier than trying to stop determined threat actors,” said Kirill Kruglov, security researcher at Kaspersky Lab ICS CERT.
Kaspersky Lab ICS CERT recommends implementing the following technical measures: