Over 33% ICS computers faced cyberattacks in H2 2020: Report

The percentage of ICS computers attacked in the engineering and ICS integration sector grew by nearly 8 percentage points, said the report.

New Delhi: Globally, the percentage of attacked ICS (industrial control system) computers in the second half of 2020 was 33.4 per cent, said a new report from cybersecurity firm Kaspersky.

The percentage of ICS computers attacked in the engineering and ICS integration sector grew by nearly 8 percentage points, said the report.

The building automation and oil & gas sectors also saw considerable spike.

Overall, the percentage of ICS computers attacked increased in 62 per cent of the countries examined by Kaspersky researchers and across all five industries studied.

The research suggests that while the percentage of ICS computers on which malicious objects were blocked had declined since the second half of 2019, this number again started to rise in the second half of 2020.

“We typically see a decline in the percentage of ICS computers attacked in the summer months and December as people go on holiday. However, with borders closed and countries on lockdown, it’s likely many didn’t take their vacation, and we did not see any noticeable decrease,” Evgeny Goncharov, Head of ICS CERT at Kaspersky, said in a statement.

“In addition, while ransomware attacks declined globally, in developed countries, such as the US and Western Europe, the number of attacks actually significantly increased-perhaps because, amidst the current economic downturn, criminals thought these places had businesses with the means to actually pay.”

Attacks against industrial organisations always carry the potential to be particularly devastating, both in terms of disruption to production and financial losses.

In addition, because of the highly sensitive information industrial organisations possess, they tend to be an attractive target for attackers.

However, starting with the second half of 2019, Kaspersky experts had observed a decline in the percentage of ICS computers on which malicious objects were detected, as criminals appeared to be focusing on more targeted attacks.

In H2 2020, threats to ICS computers again started to rise from almost each and every perspective, with both the percentage of attacked ICS increasing globally by .85 percentage points and the variety of malware families used increasing by 30 per cent.

Of those industries examined by Kaspersky researchers, those with the greatest percentage of ICS computers attacked were building automation at 46.7 per cent, an increase of nearly 7 percentage points from H1 2020, oil & gas at 44 per cent, an increase of 6.2 percentage points from H1 2020, and engineering and ICS integration at 39.3 per cent, an increase of nearly 8 percentage points.

Threats to the oil & gas and building automation industries have been on the rise since H1 2019.

The other two industries examined by Kaspersky researchers — energy and automotive manufacturing — also saw an increase in the percent of ICS computers on which malicious objects were blocked.

To keep ICS computers protected from various threats, Kaspersky experts recommended that organisations should regularly update operating systems and application software that are part of the enterprise’s industrial network and apply security fixes and patches to ICS network equipment as soon as they are available.

Among other recommendations, the experts said that organisations should use ICS network traffic monitoring, analysis and detection solutions for better protection from attacks potentially threatening technological process and main enterprise assets.