Almost every other Industrial Control System (ICS) computer was attacked by malware last year, new research has revealed.
A report by Kaspersky Lab warned that the threat is rising, as in 2018, 47.2 per cent of machines were attacked, compared to 44 per cent the year before.
Vietnam, Algeria and Tunisia were the countries most affected by this rising threat. On the other end of the spectrum are Ireland, Switzerland and Denmark.
Researchers at Kaspersky Lab claim these types of attacks are extremely dangerous because they can lead to downtime in the operation of industrial facilities, causing material and financial losses.
Kaspersky warns organisations to stay vigilant and keep their security posture by regularly updating operating systems and software, applying security fixes to PLC, RTU and network equipment, restricting traffic on ports and protocols used on edge routers, auditing access control for ICS components and deploying endpoint security solutions on ICS servers, workstations and HMIs.
“Despite the common myth, the main source of threat to industrial computers is not a targeted attack, but mass-distributed malware that gets into industrial systems by accident, over the internet, through removable media such as USB-sticks, or e-mails. However, the fact that the attacks are successful because of a casual attitude to cybersecurity hygiene among employees means that they can potentially be prevented by staff training and awareness – this is much easier than trying to stop determined threat actors,” said Kirill Kruglov, security researcher at Kaspersky Lab ICS CERT.
Image source: Shutterstock/igor.stevanovic