Attacks On Industrial Control System At An All-Time High

Uploaded on 2016-06-22 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Consulting, BUSINESS-Production-Utilities, BUSINESS-Production-Manufacturing, BUSINESS-Production-Energy

Threats to industrial control systems are going up: More incidents involving ICS operators—organizations that use and maintain ICS as part of their operations—occurred in 2015 than any year prior.

And no wonder: ICS represents an increasingly diverse and extensively connected set of technologies. It controls and automates significant portions of our connected society, including power moving through the electrical grid, oil flowing through pipelines, travelers commuting on rail systems, and systems controlling pharmaceutical and food manufacturing.

According to Booz Allen, the number of incidents reported to US authorities rose by 17% in FY 2015. With 295 reported incidents, 2015 had the most reported incidents to date. And for the first time since ICS-CERT began tracking reported incidents in 2009, critical manufacturing experienced more incidents than the energy-sector.

Spear-phishing is the primary method of attack, with the number of attacks increasing by 160%—from 42 to 109—from FY 2014 to FY 2015.

Based on Booz’s analysis, new targets, including light rail operators, and new tactics, such as SCADA-access-as-a-Service (SAaaS) and ransomware against ICS, are likely to emerge or expand. For instance, in December 2015 alone, hackers used SCADA access to cause a blackout in Ukraine that affected 225,000 citizens, while that same month, US investigators revealed that an Iranian hacker had previously gained access to the Bowman Dam in New York through a SCADA system.

The report also uncovered that nation-state-backed groups are conducting sophisticated and widespread campaigns to steal operational data and establish footholds in ICS environments. Evidence of this is North Korea’s reconnaissance of light-rail operators in potential preparation for an ICS attack. Within the past eight months, North Korea has been tied to three separate reconnaissance attacks on South Korea’s light-rail operators. In each scenario, North Korea stole information pertaining to critical systems, such as speed and safety controls, traffic flow monitors and other central operating systems.

Safety, availability, protection of the environment, and process uptime are the primary drivers of ICS cybersecurity investments. Unfortunately, bad actors recognize the operational, economic and safety impacts attacks on ICS infrastructure can cause.

“Awareness of the risks associated with these systems is important, not just for the operational technology cybersecurity professionals responsible for securing these networks and devices but also for information technology professionals, organizational leaders, and regular employees,” Booz Allen noted in a threat briefing. “The impacts of attacks on ICS can be devastating. Attacks can cause extended operational halts to production and physical damage, and even jeopardize the safety of employees and customers. The attack surface for ICS is larger than just the ICS devices, equipment, and networks: It extends to all parts of an organization, including the extended supply chain.”

Infosecurity Magazine

« A Nano Generator To Power New Smart Cities
Is An ISIS Nuclear Attack In Europe Really A Threat? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

CLUSIL

CLUSIL

CLUSIL is an association for the information security industry in Luxembourg.

FaceFirst

FaceFirst

FaceFirst provide face recognition technology solutions to detect and deter real time threats,

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Neowave

Neowave

Neowave designs, manufactures and markets strong authentication solutions based on smart card components and digital certificates.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

SpecTrust

SpecTrust

SpecTrust provides an all-in-one defense solution for identity abuse & fraud, enabling your company's talent to stay focused on the core business.

Innovex Global

Innovex Global

Innovex is a full-service executive search and advisory business that engages with early-stage startups, scale-ups, and established businesses in the Fintech, Cybersecurity and Technology industries.

Silicon Labs

Silicon Labs

Silicon Labs are a leader in secure, intelligent wireless technology for a more connected world. We provide award-winning hardware and software security to help safeguard connected devices.

Quad9 Foundation

Quad9 Foundation

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system's performance, plus, it preserves and protects your privacy.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

iVision

iVision

iVision is a technology integration and management firm that engineers success for clients through objective recommendations, process and technology expertise and best-of-breed guidance.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.

PDQ

PDQ

PDQ helps IT professionals to manage and organize hardware, software, and configuration data for Windows- and Apple-based devices.