Who Is Targeting Industrial Facilities and ICS Equipment, and How?

Industrial Control Systems (ICS) Equipment Under Attack

Industrial Control Systems (ICS) are expected to be installed and left isolated for a long time. Technical changes and the necessity of reducing operating costs led to this equipment being left in operation longer than expected, exposing it to a broad range of cyber-threats.

Malware designed to compromise corporate systems can affect ICS systems with unpredictable impacts on the real world. Last year, Kaspersky Lab conducted a survey of 359 industrial cybersecurity practitioners and uncovered some discrepancies between the perception and reality of ICS cybersecurity incidents. 83 percent of respondents felt prepared to handle an ICS cybersecurity incident, while 50 percent suffered at least one cybersecurity incident in the year before. 74 percent of participants in the survey believed that their industrial infrastructure would be targeted in the coming year, and the top concern was conventional malware affecting control systems.

One of the biggest issues when dealing with ICS systems relates to the patch management in the life cycle of the products. In many cases, it is quite hard to update software running on ICS systems. This means that operators and vendors fail to provide regular patches, forcing companies with ICS equipment to consider other security tools.

According to the survey, companies are responding to the threats with anti-malware, network monitoring and device access controls. Over half of the respondents aren’t considering vulnerability scanning and patch management.

The findings of the Kaspersky survey show a worrisome scenario. Experts believe that there will be many cybersecurity incidents in the coming months. What should industrial organizations prepare for? The survey highlights the top three concerns as:

  1. Damage to product and service quality
  2. Loss of proprietary or confidential information
  3. Reduction or loss of production at a site

The challenges for operators managing an ICS environment are (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Pierluigi Paganini. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/60qYcofBpvc/