Attacks On Industrial Control System At An All-Time High

Uploaded on 2016-06-22 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-Consulting, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

Threats to industrial control systems are going up: More incidents involving ICS operators—organizations that use and maintain ICS as part of their operations—occurred in 2015 than any year prior.

And no wonder: ICS represents an increasingly diverse and extensively connected set of technologies. It controls and automates significant portions of our connected society, including power moving through the electrical grid, oil flowing through pipelines, travelers commuting on rail systems, and systems controlling pharmaceutical and food manufacturing.

According to Booz Allen, the number of incidents reported to US authorities rose by 17% in FY 2015. With 295 reported incidents, 2015 had the most reported incidents to date. And for the first time since ICS-CERT began tracking reported incidents in 2009, critical manufacturing experienced more incidents than the energy-sector.

Spear-phishing is the primary method of attack, with the number of attacks increasing by 160%—from 42 to 109—from FY 2014 to FY 2015.

Based on Booz’s analysis, new targets, including light rail operators, and new tactics, such as SCADA-access-as-a-Service (SAaaS) and ransomware against ICS, are likely to emerge or expand. For instance, in December 2015 alone, hackers used SCADA access to cause a blackout in Ukraine that affected 225,000 citizens, while that same month, US investigators revealed that an Iranian hacker had previously gained access to the Bowman Dam in New York through a SCADA system.

The report also uncovered that nation-state-backed groups are conducting sophisticated and widespread campaigns to steal operational data and establish footholds in ICS environments. Evidence of this is North Korea’s reconnaissance of light-rail operators in potential preparation for an ICS attack. Within the past eight months, North Korea has been tied to three separate reconnaissance attacks on South Korea’s light-rail operators. In each scenario, North Korea stole information pertaining to critical systems, such as speed and safety controls, traffic flow monitors and other central operating systems.

Safety, availability, protection of the environment, and process uptime are the primary drivers of ICS cybersecurity investments. Unfortunately, bad actors recognize the operational, economic and safety impacts attacks on ICS infrastructure can cause.

“Awareness of the risks associated with these systems is important, not just for the operational technology cybersecurity professionals responsible for securing these networks and devices but also for information technology professionals, organizational leaders, and regular employees,” Booz Allen noted in a threat briefing. “The impacts of attacks on ICS can be devastating. Attacks can cause extended operational halts to production and physical damage, and even jeopardize the safety of employees and customers. The attack surface for ICS is larger than just the ICS devices, equipment, and networks: It extends to all parts of an organization, including the extended supply chain.”

Infosecurity Magazine

« A Nano Generator To Power New Smart Cities
Is An ISIS Nuclear Attack In Europe Really A Threat? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

Cyber Together

Cyber Together

Cyber Together is dedicated to advancing the cyber security industry by giving businesses access to Israel’s leaders, innovators and great minds in the field of cyber security.

Cybertrust Japan

Cybertrust Japan

Cybertrust Japan provides a comprehensive security certification and digital authentication service, enabling customers to build and manage highly secure IT infrastructures.

Hague Security Delta (HSD)

Hague Security Delta (HSD)

The Hague Security Delta Campus is home of the leading cyber security cluster in Europe with an Innovation Centre, labs and training facilities.

Custodio Technologies

Custodio Technologies

Custodio Technologies was established as a Singaporean R&D Centre of Israel Aerospace Industries (IAI) in order to spearhead R&D activities in the field of cyber early warning.

Governikus

Governikus

Governikus provides solutions for secure data transport, authentication, the use of electronic signatures and cryptography as well as for long-term storage.

th4ts3cur1ty.company

th4ts3cur1ty.company

th4ts3cur1ty.company specialize in delivering intelligence lead adversary emulation purple teaming & the bespoke building of Security Operation Centers.

MPC Alliance

MPC Alliance

The mission of the MPC Alliance is to accelerate adoption of MPC (Multi-Party Computation) technology.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

Cyber Security Cooperative Research Centre (CSCRC)

Cyber Security Cooperative Research Centre (CSCRC)

The CSCRC provides frank and fearless research and in-depth analysis of cyber security systems, the cyber ecosystem and cyber threats.

Flatt Security

Flatt Security

Flatt Security is a cyber security startup based in Japan providing security assessments and other cyber security services.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

ACL Digital

ACL Digital

ACL Digital, an ALTEN Group company, is a leader in design-led digital experience, innovation, enterprise modernization, and product engineering services converging to Technology, Media & Telecom.

Locuz

Locuz

At Locuz, we’ve made it our mission to help businesses like yours create an actionable digital strategy.

Sev1Tech

Sev1Tech

Sev1Tech is a leading provider of IT modernization, cloud, cybersecurity, engineering, fielding, training, and program support services.

Diversified Technical Services Inc. (DTSI)

Diversified Technical Services Inc. (DTSI)

DTSI provides a wide range of technology solutions for Federal Agencies, the Department of Defense, and commerical organizations with capabilities including Cyber Security and DevSecOps.