Attacks On Industrial Control System At An All-Time High

Uploaded on 2016-06-22 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Consulting, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

Threats to industrial control systems are going up: More incidents involving ICS operators—organizations that use and maintain ICS as part of their operations—occurred in 2015 than any year prior.

And no wonder: ICS represents an increasingly diverse and extensively connected set of technologies. It controls and automates significant portions of our connected society, including power moving through the electrical grid, oil flowing through pipelines, travelers commuting on rail systems, and systems controlling pharmaceutical and food manufacturing.

According to Booz Allen, the number of incidents reported to US authorities rose by 17% in FY 2015. With 295 reported incidents, 2015 had the most reported incidents to date. And for the first time since ICS-CERT began tracking reported incidents in 2009, critical manufacturing experienced more incidents than the energy-sector.

Spear-phishing is the primary method of attack, with the number of attacks increasing by 160%—from 42 to 109—from FY 2014 to FY 2015.

Based on Booz’s analysis, new targets, including light rail operators, and new tactics, such as SCADA-access-as-a-Service (SAaaS) and ransomware against ICS, are likely to emerge or expand. For instance, in December 2015 alone, hackers used SCADA access to cause a blackout in Ukraine that affected 225,000 citizens, while that same month, US investigators revealed that an Iranian hacker had previously gained access to the Bowman Dam in New York through a SCADA system.

The report also uncovered that nation-state-backed groups are conducting sophisticated and widespread campaigns to steal operational data and establish footholds in ICS environments. Evidence of this is North Korea’s reconnaissance of light-rail operators in potential preparation for an ICS attack. Within the past eight months, North Korea has been tied to three separate reconnaissance attacks on South Korea’s light-rail operators. In each scenario, North Korea stole information pertaining to critical systems, such as speed and safety controls, traffic flow monitors and other central operating systems.

Safety, availability, protection of the environment, and process uptime are the primary drivers of ICS cybersecurity investments. Unfortunately, bad actors recognize the operational, economic and safety impacts attacks on ICS infrastructure can cause.

“Awareness of the risks associated with these systems is important, not just for the operational technology cybersecurity professionals responsible for securing these networks and devices but also for information technology professionals, organizational leaders, and regular employees,” Booz Allen noted in a threat briefing. “The impacts of attacks on ICS can be devastating. Attacks can cause extended operational halts to production and physical damage, and even jeopardize the safety of employees and customers. The attack surface for ICS is larger than just the ICS devices, equipment, and networks: It extends to all parts of an organization, including the extended supply chain.”

Infosecurity Magazine

« A Nano Generator To Power New Smart Cities
Is An ISIS Nuclear Attack In Europe Really A Threat? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIIS Cyber Initiative

MIIS Cyber Initiative

The Cyber Initiative's mission is to assess the impact of the information age on security, peace and communications.

Finjan Holdings

Finjan Holdings

Finjan solutions are aimed at keeping the web, networks, and endpoints safe from malicious code and security threats.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

Malomatia

Malomatia

Malomatia is a leading provider of technology services and solutions in Qatar including information security.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

Elliptic

Elliptic

Elliptic solve the crucial problem of identity in cryptocurrencies, with the sole purpose of combating suspicious and criminal activity.

Cyberhaven

Cyberhaven

Cyberhaven provides rapid enablement for GDPR and CCPA compliance, streamlined data security and modern risk management.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

PricewaterhouseCoopers (PwC)

PricewaterhouseCoopers (PwC)

PricewaterhouseCoopers is a multinational professional services network of firms headquartered in London, United Kingdom and operating in 157 countries.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

Prescient Solutions

Prescient Solutions

Prescient Solutions is a managed services provider, using a cloud-based model to provide IT solutions to small, mid-sized, global organizations and government entities.

AccountabilIT

AccountabilIT

AccountabilIT is a full spectrum information technology services firm for enterprises with complex information technology needs seeking relief from those challenges.

Hackurity.io

Hackurity.io

Hackurity.io is a high energy IT security start-up founded in 2021 out of the frustration that IT Security is highly fragmented and reactive.