Companies in the manufacturing, industrial and infrastructure sectors have been warned to tighten up their security as industrial control systems increasingly come under sophisticated attacks.
The warning comes from security specialist Kaspersky, which has warned that computers used in industry have become prime targets for hackers.
Kaspersky says that one in three attacks on industrial systems hammer down on manufacturers of all sorts of things, including materials and general goods. Also taking a bit of a beating are companies in the drinks industry, as well as education and engineering outfits.
“In the first half of the year we’ve seen how weakly protected industrial systems are: pretty much all of the affected industrial computers were infected accidentally and as the result of attacks targeted initially at home users and corporate networks,” said Evgeny Goncharov, head of critical infrastructure at Kaspersky Lab.
“In this sense, the WannaCry and ExPetr [or NotPetya] destructive ransomware attacks proved indicative, leading to the disruption of enterprise production cycles around the world, as well as logistical failures, and forced downtime in the work of medical institutions.
“The results of such attacks can provoke intruders into further actions. Since we are already late with preventive measures, companies should think about proactive protective measures now to avoid ‘firefighting’ in future.”
We know what sort of proactive measures Kaspersky is talking about, and we suspect that it sells them, but hey, we think it is a decent company despite what they think in the USA.
Kaspersky found that Ransomware has become a major issue, which is not surprising given how easily a successful attack can be monetised. It’s research found 33 families of the malware, and that 0.5 per cent of these industrial computers were attacked with encryption malware at least once in the first half of this year.
“The WannaCry epidemic ranked highest among encryption ransomware families, with 13.4 per cent of all computers in industrial infrastructure attacked.
“The most affected organizations included healthcare institutions and the government sector. ExPetr was another notorious encryption ransomware campaign from the first half of the year, with at least 50 per cent of the companies attacked being from manufacturing, and Oil & Gas industries,” added the company.
“The Top 10 most widespread encryption Trojan families include other ransomware families, such as Locky and Cerber, operating since 2016 and since that time have earned the highest profit for cybercriminals”.