In an analysis of the first half of 2018, Kaspersky Lab has found that more than 40% of all industrial control system computers were attacked by malicious software at least once.
Ross Rustici, Senior Director of Intelligence Services at Cybereason:
“These findings are not surprising, as the spectrum of cyberattacks against utility providers and the profile of adversaries who target ICS environments are broadening. While ICS attackers linked to APT groups and nation-state actors are still targeting these systems, a greater variety of threat actors with a range of skills is also going after ICS environments. We’ve seen this directly in data collected from a honeypot Cybereason setup to emulate the power transmission substation of a major electricity provider.
As more criminal and less skilled or trained hackers go after these systems, the odds of an unintended disruption increase. The easiest way to monetise this type of access is through a ransom. We’re dealing with people who have a clear profit motivation. And if attackers get in, you either lose access, rebuild it, or you pay the ransom. That type of targeted attack could paralyse a system, and is not unprecedented.”