Not all attacks against ICS are the same

[rakhirhif8963]

Kaspersky Lab found that 41.2% of systems were attacked at least once in the first six months of 2018 (compared to 36.6% in the first half of 2017).

The attacks targeted Windows-based systems performing supervisory control and data acquisition (SCADA) functions, serving as data storage servers or data gateways in operational networks, or used as workstations by engineers and operators.

Symantec has reported a six-fold increase in attacks against its customers compared to last year, with the range of threats detected being diverse.

While Kaspersky Lab and Symantec have seen a spike in attacks on ICS, those systems don’t appear to be connected to critical infrastructure, said Dale Peterson, CEO of ICS security consultancy Digital Bond. “You don’t see ICS as a whole,” he said. “You see smaller companies or low-cost ICS on corporate networks. The reports show that those systems are being attacked more often. But those aren’t the power systems or the big water systems that are critical infrastructure.”

The large critical infrastructure providers Peterson lithuania whatsapp data with rarely see successful attacks, although he acknowledges that even these providers have security problems. The most dangerous attacks for them are against administrators using remote access from external workstations. Phishing attacks are often used against them.

While these attacks are harder to plan and execute, they can have a significant impact. “These networks are harder to penetrate than they used to be, but if you do, the networks are insecure,” Peterson said. “Because they’re designed to be insecure