Kaspersky Lab has raised the alarm on the escalating number of malicious attacks against Industrial Control Systems (ICS) and critical infrastructure.
The Russian cybersecurity company warned that threats against highly important facilities can endanger both business networks and people’s lives.
Industrial and critical infrastructure serve as the backbones of a nation or a state. The major critical infrastructure sectors are energy, transportation, aerospace, oil and gas, chemical, automotive and manufacturing, food and beverage, government, financial and medical services.
When cybercriminals take over such ICS facilities in any of these sectors, they can use them to effectively undermine a nation’s economy, safety, peace, or all of the above.
In 2015, Kaspersky Lab unmasked the highly sophisticated Advanced Persistent Threat (APT) actor named the Equation Group, which targeted diverse industrial and critical facilities.
The hacking group was found to have been infiltrating and spying on infrastructure networks in sectors such as telecoms, aerospace, energy, nuclear research, oil and gas, military, nanotechnology and transportation in more than 30 countries worldwide since 2001.
In December of the same year, a successful attack using BlackEnergy malware resulted in a massive unscheduled power outage in Ukraine, which left more than 230,000 residents without electricity for up to six hours.
Experts from Kaspersky Lab have found that the BlackEnergy APT has been actively trying to control ICS, energy, government and media in Ukraine as well as ICS/SCADA companies and energy companies worldwide.
Kaspersky Lab’s ICS-CERT Report also revealed that 30% of ICS users in the Philippines, or three in 10, were saved from malware attacks during the second half of 2016.
The report said removable media like USBs, CDs, disks, and drives were the main sources of compromise for ICS networks in the country.
Kaspersky Lab’s Industrial CyberThreats Real Time Map also showed that, globally, the Philippines is the 46th most attacked country in terms of ICS and critical infrastructure.
“The threats against industrial and critical infrastructure are present in every country. No one is immune,” said Vikram Kalkat, senior key account manager for Kaspersky Industrial CyberSecurity Global Business Development at Kaspersky Lab Asia Pacific.
“The catastrophic impact of an attack against the vital facilities makes it necessary for governments and private sectors to seriously think about industrial cybersecurity. Recognizing that such threats are real is a fundamental step towards understanding how we can work to mitigate, if not completely avoid, the imminent dangers that these threats may bring about,” he added.
Kaspersky Lab has developed a comprehensive portfolio of technologies, solutions and services to help customers tackle and manage many of these risks.
“Operation technology of critical infrastructure should focus on infrastructure availability of automated systems rather than only data confidentiality. Kaspersky Lab has been improving its security portfolio and threat intelligence to secure these vital facilities. There is an urgent need for specialized solutions to combat these types of threats,” said Kalkat.
To secure ICS and critical infrastructure, Kaspersky has developed Kaspersky Industrial CyberSecurity, a specialized security solution designed to protect complex industrial environments that contain a diverse range of proprietary systems.
This solution protects all industrial layers (including SCADA servers, HMI panels, workstations, PLCs and network connections) from cyber-threats, without affecting operational continuity and the consistency of the technological process.
Kaspersky Lab also has its own non-commercial project called Industrial Systems Computer Emergency Response Team (known as Kaspersky Lab ICS-CERT). It is a global CERT entity that welcomes the collaboration of critical infrastructure operators, vendors and government institutions.
The Kaspersky Lab ICS-CERT is a special project that offers a wide range of information services, ranging from intelligence on the latest threats and security incidents, with mitigation strategies, all the way up to incident response and investigation consultancy and services. It shares information and expertise with its members free of charge.