Post by account_disabled on Dec 30, 2023 11:05:47 GMT
According to the Kaspersky ICS CERT Report, in the first six months of 2019, Kaspersky solutions detected nearly half (41.6%) of computer threats in industrial control systems (ICS) of enterprises. Energy The top three threats that hit computers, accounting for 14%, were worms, spyware and cryptocurrency mining. Industrial cyberattacks are among the most dangerous, with production disruptions and financial losses difficult to overcome. Especially when something happens to an industry that involves life and death like energy. For the first half of 2019, Kaspersky products found that 41.6% of ICS computers in the energy sector were exposed to cyber threats. Many of the malware detected and blocked were not specifically designed to attack ICS. Of the total malicious programs blocked, the most serious threats were crypto miners (2.9%) and worms (7.1%). ) and spyware (3.7%) Malware infections can affect the usability and reliability of ICS systems and other systems in industrial networks. Among the detected malware is some interesting malware.
The first is AgentTesla, which is a Trojan-spy malware designed to steal Job Function Email Database credentials. Screen recording Data captured from webcam and keyboard The attacker sends this information through a hacked mailbox. In addition to the malware, Meterpreter was also discovered, a backdoor used to remotely control computers on the network. Attackers can secretly take control of ICS computers and cause heavy damage to industrial systems. Another malware is Syswin, a new viper worm written in Python and available as a Windows executable. It affects ICS computers by self-propagating and destroying data. The energy industry is not the only sector to suffer from cyber attacks. Kaspersky experts found that The automobile industry (39.3%) and building automation industry (37.8%) had the second and third highest number of ICS computers attacked. Kirill Kruglov, security researcher at Kaspersky, said: Statistics and analysis of cyber attacks on industrial sectors allow us to assess current trends and predict the types of threats we need to prepare for. The report states that security professionals must be wary of malicious software that steals data. Spy on important information, invade the area and destroy it. These events will cause significant damage to the industry.”
Technical measures recommendations from Kaspersky ICS CERT - Regularly update systems connected as part of industrial networks. both operating systems application software and security solutions . - Restrict network traffic on ports and protocols used on edge routers and in operational technology (OT) networks. - Review access controls and boundaries for ICS components in Enterprise Industrial Networks - Provides regular OT/ICS network access training to employees and employees. Partners and suppliers - Use endpoint-specific security solutions for server Workstations and HMIs to protect OT and industrial infrastructure from cyberattacks Including checking network traffic Solutions like Kaspersky Industrial CyberSecurity Able to analyze, detect and protect systems from targeted attacks.
The first is AgentTesla, which is a Trojan-spy malware designed to steal Job Function Email Database credentials. Screen recording Data captured from webcam and keyboard The attacker sends this information through a hacked mailbox. In addition to the malware, Meterpreter was also discovered, a backdoor used to remotely control computers on the network. Attackers can secretly take control of ICS computers and cause heavy damage to industrial systems. Another malware is Syswin, a new viper worm written in Python and available as a Windows executable. It affects ICS computers by self-propagating and destroying data. The energy industry is not the only sector to suffer from cyber attacks. Kaspersky experts found that The automobile industry (39.3%) and building automation industry (37.8%) had the second and third highest number of ICS computers attacked. Kirill Kruglov, security researcher at Kaspersky, said: Statistics and analysis of cyber attacks on industrial sectors allow us to assess current trends and predict the types of threats we need to prepare for. The report states that security professionals must be wary of malicious software that steals data. Spy on important information, invade the area and destroy it. These events will cause significant damage to the industry.”
Technical measures recommendations from Kaspersky ICS CERT - Regularly update systems connected as part of industrial networks. both operating systems application software and security solutions . - Restrict network traffic on ports and protocols used on edge routers and in operational technology (OT) networks. - Review access controls and boundaries for ICS components in Enterprise Industrial Networks - Provides regular OT/ICS network access training to employees and employees. Partners and suppliers - Use endpoint-specific security solutions for server Workstations and HMIs to protect OT and industrial infrastructure from cyberattacks Including checking network traffic Solutions like Kaspersky Industrial CyberSecurity Able to analyze, detect and protect systems from targeted attacks.