Almost 40 Per Cent Of Industrial Computers Faced A Cyberattack In The 2nd Half Of 2016

On average two-in-five computers, related to the technological infrastructure of industrial enterprises, faced cyberattacks in the second half of 2016. This is a finding from Kaspersky Lab’s report “Threat Landscape for Industrial Automation Systems. The second half of 2016.”

The percentage of industrial computers under attack grew from over 17 per cent in July 2016 to more than 24 per cent in December 2016, with the top three sources of infection being the Internet, removable storage devices, and malicious e-mail attachments and scripts embedded in the body of e-mails. Edgard Capdevielle, CEO of Nozomi Networks commented below.

Edgard Capdevielle,  CEO at Nozomi Networks:

edgard-capdevielle“Kaspersky’s research is further evidence that ICS networks today face all the same security use cases as any enterprise. From malicious insiders, cyber espionage, ransomware etc, but unfortunately many lack similar security options.

“The issue is that security in control systems today is bolted on rather than designed in. These cumbersome and often manual configurations don’t naturally fit with the complexity of industrial installations that were never designed to be connected to the outside world, nor fall within the skill set of industrial engineers who find themselves tasked with managing them. We need to rethink security so it’s designed in from the outset, so as new technology is implemented in ICS and SCADA infrastructure it is secure and as new threats – such as ransomware, emerge they are thwarted. But that will take time.

“How fast ICS teams can detect and remediate a situation could mean the difference between a small incident or one that potentially has a severe impact on millions.

“While there’s no easy answer, there is some good news in that innovations – such as machine learning and Artificial Intelligence enhanced cyber-attack detection, can help companies leverage technologies to gain efficiencies in their industrial process cybersecurity programs, as well as speeding the investigation of incidents to contain attacks before significant damage can occur.”

Information Security Buzz