Industrial control systems threat medley

Issue 8 2021 News

According to Kaspersky ICS CERT, almost one in three industrial computers globally was subject to malicious activity in H1 2021. During the first half of 2021, cyber criminals intensively used various types of spyware and malicious scripts while performing their attacks. These types of threats are growing for the second six-month period and pose a big challenge to industrial control systems (ICS).

Attacks against industrial organisations are particularly dangerous as cyber criminals might steal data and money, as well as disrupt the established system of production. An increase in the diversity of threats to such networks indicates the growth of the attackers’ interest in them and consequently, an increase in the need to reliably protect them.

According to the ‘Threat Landscape for Industrial Automation Systems Report’, Kaspersky security solutions blocked over 20 000 malware variants during the first six months of 2021. To find out more about how the ICS threat landscape changed during the reporting period, Kaspersky researchers analysed various types of malware used during cyber-attacks against industrial systems. They subsequently found that the percentage of spyware and malicious scripts used against ICS has grown continuously over the past half a year.

In fact, spyware (Trojan-Spy malware, backdoors and keyloggers), which are mostly used to steal money, are up by 0,4 percentage points. At the same time, malicious scripts grew by 0,7 percentage points. Threat actors use such scripts on various websites hosting corrupted content to redirect users to sites which distribute spyware or malware designed to mine cryptocurrency without the user’s knowledge.

“Industrial organisations always attract attention from both cyber criminals and politically-motivated threat actors. Reflecting on the previous half year, we have seen among other findings, growth in the number of cyber espionage and malicious credential stealing campaigns. Their success has most likely been the main factor raising the ransomware threat to such a high degree. And I see no reason some of the APT groups won’t benefit from these credential stealing campaigns as well.” comments Evgeny Goncharov, security expert at Kaspersky.

Read more about the ICS threat landscape on the KasperskyICS CERT website.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Real-world ransomware
Ransomware hit 51% of South African organisations surveyed for Sophos’ Annual ‘State of Ransomware 2022’; and 49% of South African organisations that had data encrypted in a ransomware attack paid the ransom.

New renewable energy partnership
SolarWorld Africa partners with Meyer Burger to bring solar technology to South Africa and sub-Saharan Africa. The partnership will see both leading businesses serve the African renewable energy sector.

inq. expands in SA with acquisition of Syrex
Inq., a Convergence Partner’s company, is set to acquire Syrex, a provider of hyper-converged cloud technology solutions in South Africa to provide innovative and reliable solutions to the South African market.

Check Point and DCC partner for SA and SADC channel
Check Point Software Technologies has appointed Drive Control Corporation (DCC) as its official distributor for South Africa and the SADC region. The appointment will see DCC distributing Check Point’s ...

Product launches, demos and competitions at Securex 2022
Specialised Exhibitions News
The first Securex South Africa expo since 2019 is coming up and exhibitors are pulling out all the stops to wow visitors.

Facilities Management seminar theatre
Free-to-attend Facilities Management Expo 2022 seminar theatre, sponsored by Broll, will focus on today’s industry-critical topics.

From the editor's desk: Signs of life?
Technews Publishing News
Welcome to the latest issue of Hi-Tech Security Solution. The big news in this issue is the Securex Preview which, although smaller than in the past, is still a great (late) start to the year as it means ...

ZKTeco Experience Centre
ZKTeco News Access Control & Identity Management
ZKTeco South Africa has opened the doors to its innovative and interactive space, the ZKTeco Experience Centre in Centurion, Pretoria and welcomes visitors to partake in the ‘Powered by ZKTeco’ experience.

Technoswitch appointed as FST distributor
Technoswitch Fire Detection & Suppression News Fire & Safety
Technoswitch’s appointment as a distributor for the Fire & Security Techniques (FST) range of fire suppression solutions forms part of the company’s strategic plan to expand its range of suppression solutions.

Self-learning AI for existing CCTV systems
Iris AI Editor's Choice CCTV, Surveillance & Remote Monitoring News
Snap Guard is a cloud application that integrates into a property owner’s live CCTV feed, working with existing hardware and software, adding an additional layer of security.