More than 40% of all industrial control system (ICS) computers protected by Kaspersky Lab solutions were attacked by malicious software at least once during the first half of 2018.
The most impacted countries turned out to be Vietnam, Algeria and Sri Lanka, while the safest region for industrial machines was Denmark. These are among the main findings of the Kaspersky Lab ICS CERT report on the industrial threat landscape in H1 2018.
Cyber attacks on industrial computers are considered to be an extremely dangerous threat as they cause material losses and production downtime for a whole system. Moreover, industrial enterprises knocked out of service can seriously undermine a region’s social welfare, ecology and macroeconomics.
Statistics collected by Kaspersky Lab researchers show that this kind of threat is of growing concern. In the first half of 2018, 41.2% of ICS computers were attacked at least once. Moreover, this is a continuation of a trend: in 2017, the figure increased from 36.61% in the first half of the year to 37.75% in the second half.
Top countries by the number of ICS computers attacked in 2018 were Vietnam, where 75.1% of ICS computers were attacked, Algeria, with 71.6% and Morocco with 65%.
As for the least attacked industrial facilities, the top three countries turned out to be Denmark with 14% attacked computers in industrial enterprises, followed by Ireland with 14.4% and Switzerland close behind, accounting for 15.9%.
Developing economies account for the highest numbers of ICS computers attacked, while developed regions have the lowest number of targeted ICS computers.
The largest number of threats come from the internet, which over the years has become the main source of infection for ICS: 27% of threats are received from the world wide web; while removable storage media is ranked second with 8.4%. Mail clients occupy third place in terms of volume– they represent 3.8% of threats.
Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is a global project launched by Kaspersky Lab in 2016 to coordinate the efforts of automation system vendors, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyber attacks.