The risks facing industrial control systems

Issue 2 2022 Industrial (Industry)

222OHSS57 Percentage of ICS computers on which malicious objects from various categories were blocked.

Industrial control systems at risk as the share of computers attacked with miners, spyware and malicious scripts on the rise, says Kaspersky ICS CERT.

During the second half of 2021, almost 40% of all industrial control systems (ICS) globally were attacked by malicious software at least once. Even though the overall number of attacks has seen a slight decrease when compared to H1 2021, the ICS threat landscape in the second half of the year became highly diversified, with the percentage of ICS computers on which miners were blocked grew by 0,5%, spyware up 0,7% and malicious scripts growing at 1,4 times the rate seen at the beginning of 2020.


Percentage of ICS computers on which malicious objects from various categories were blocked.

According to Kaspersky ICS CERT, the percentage of ICS computers on which malicious objects were blocked in 2021 increased by 1% from 2020, rising from 38,6% to 39,6%. However, if the situation is examined by each 6-month period, the landscape looks better, with H2 2021, seeing this figure drop by 1,4% for the first time in one and a half years.

Overall, Kaspersky security solutions blocked over 20 000 malware variants during the second half of 2021. Although this figure did not change much compared to the previous six months, a detailed analysis of detected malware shows that the proportion of ICS computers attacked with spyware, malicious scripts and miners grew.

Malicious scripts are rising steadily year over the year. In H2 2021, the percentage of ICS computers attacked by them increased by 1,4 times from the beginning of 2020 and was up by 0,5% compared to the previous half of 2021. Cybercriminals use malicious scripts to achieve various goals ranging from data collection to loading other malware, such as spyware or cryptocurrency miners.

Significantly, as threat actors use scripts more and more, they are also increasingly using spyware and cryptocurrency miners. The former is mostly used to steal victims’ credentials or money and the percentage of ICS computers attacked with spyware is up by 1,4% since H1 2020. Spyware continues to grow and is up in use for the third six-month period in a row. The share of ICS computers attacked by miners has more than doubled since H1 2020.

“Industrial control systems possess sensitive data and are responsible for the functioning of the most important sectors. A low-risk attack for IT infrastructure can still be a significant threat for operational technology (OT). While overall, the threat types that find their way to ICS computers have remained relatively the same, we have seen a constant increase in the share of ICS computers facing malicious scripts and phishing pages, along with Trojans, spyware and miners which would be normally delivered by the malicious scripts. Crypto miners are generally overlooked as a significant threat, which is not a good approach. While the influence of miners on the office network may be insignificant, in the course of their work and distribution, they can lead to the denial of service for some components of the automated control system,” comments Kirill Kruglov, security expert at Kaspersky.

To learn more about threats to ICS and industrial enterprises in 2022, check out the ICS threat predictions for 2022 at https://securelist.com/threats-to-ics-and-industrial-enterprises-in-2022/104957/




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Quality fire detection installation at Baywear Clothing
G2 Fire Fire & Safety Industrial (Industry) Products & Solutions
JZL Projects and Solutions was asked to provide a comprehensive yet cost-effective and reliable fire detection solution for Baywear Clothing that would be installed with minimum disruption to the factory.

Read more...
210 million industrial endpoints secured by 2028
News & Events Information Security Industrial (Industry)
A new study by Juniper Research has found that there will be growth of 107% over the next five years in the number of industrial endpoints featuring cybersecurity protection.

Read more...
Growing cyber threats to SA’s critical infrastructure
News & Events Information Security Industrial (Industry)
The increasing reliance on digital infrastructure makes critical sectors like utilities more susceptible to cyber threats. This concern has been highlighted by Kaspersky's recent discovery of a new SystemBC variant that has targeted a South African nation's critical infrastructure.

Read more...
Smart manufacturing redefined
Hikvision South Africa Surveillance Industrial (Industry)
AI and intuitive visualisation technology allows managers to monitor manufacturing sites, production, and operational processes, and to respond in real time in the event of an issue – helping to drive efficiency and productivity.

Read more...
CHI selects NEC XON as trusted cybersecurity partner
News & Events Information Security Industrial (Industry)
CHI Limited, Nigeria's leading market player in fruit juices and dairy products, has engaged in a strategic cybersecurity partnership with NEC XON, a pan-African ICT systems integrator.

Read more...
Edge technology can transform manufacturing in South Africa
Axis Communications SA Surveillance Integrated Solutions Industrial (Industry)
Aligning South African manufacturing more closely with this global shift to edge technologies could take manufacturing in the country to a new level, says Axis Communications’ Rudie Opperman.

Read more...
Edge AI and managing risk in the cloud
Industrial (Industry) Infrastructure
As organisations see greater volumes of data generated from their operations. It is understandable and imperative that this data is leveraged to generate more value and increase insight that help operations and asset integrity managers ‘do more, better’.

Read more...
Supporting local manufacturing
Industrial (Industry) Infrastructure
Smart Security asked Esenthren Govender, Solutions Executive at Technodyn for insight into how the company supports local manufacturing organisations to optimise their business.

Read more...
New algorithm for OT cybersecurity risk management
Industrial (Industry) Information Security News & Events Commercial (Industry)
OTORIO’s new risk management model and attack graph analysis algorithm technology, calculates OT cybersecurity threats and provides risk mitigation actions, prioritised according to actual exposure and potential impact on operations.

Read more...
The role of AI in industrial plants
Industrial (Industry)
The average modern industrial plant uses less than 27% of the data it generates, but industrial AI can play a major role in identifying patterns and making process predictions through new software platforms that simplify convergence and analysis of OT/IT/ET data.

Read more...