Attacks On Industrial Control Systems At An All-Time High

Threats to industrial control systems are going up: More incidents involving ICS operators—organizations that use and maintain ICS as part of their operations—occurred in 2015 than any year prior.

And no wonder: ICS represents an increasingly diverse and extensively connected set of technologies. It controls and automates significant portions of our connected society, including power moving through the electrical grid, oil flowing through pipelines, travelers commuting on rail systems, and systems controlling pharmaceutical and food manufacturing.

According to Booz Allen, the number of incidents reported to US authorities rose by 17% in FY 2015. With 295 reported incidents, 2015 had the most reported incidents to date. And for the first time since ICS-CERT began tracking reported incidents in 2009, critical manufacturing experienced more incidents than the energy sector.

Spear-phishing is the primary method of attack, with the number of attacks increasing by 160%—from 42 to 109—from FY 2014 to FY 2015.

Based on Booz’s analysis, new targets, including light rail operators, and new tactics, such as SCADA-access-as-a-Service (SAaaS) and ransomware against ICS, are likely to emerge or expand. For instance, in December 2015 alone, hackers used SCADA access to cause a blackout in Ukraine that affected 225,000 citizens, while that same month, US investigators revealed that an Iranian hacker had previously gained access to the Bowman Dam in New York through a SCADA system.

The report also uncovered that nation-state-backed groups are conducting sophisticated and widespread campaigns to steal operational data and establish footholds in ICS environments. Evidence of this is North Korea’s reconnaissance of light-rail operators in potential preparation for an ICS attack. Within the past eight months, North Korea has been tied to three separate reconnaissance attacks on South Korea’s light-rail operators. In each scenario, North Korea stole information pertaining to critical systems, such as speed and safety controls, traffic flow monitors and other central operating systems.

Safety, availability, protection of the environment, and process uptime are the primary drivers of ICS cybersecurity investments. Unfortunately, bad actors recognize the operational, economic and safety impacts that attacks on ICS infrastructure can cause.

“Awareness of the risks associated with these systems is important, not just for the operational technology cybersecurity professionals responsible for securing these networks and devices but also for information technology professionals, organizational leaders, and regular employees,” Booz Allen noted in a threat briefing. “The impacts of attacks on ICS can be devastating. Attacks can cause extended operational halts to production and physical damage, and even jeopardize the safety of employees and customers. The attack surface for ICS is larger than just the ICS devices, equipment, and networks: It extends to all parts of an organization, including the extended supply chain.”

Infosecurity Magazine

