Kaspersky, a global leader in next generation cybersecurity solutions and services, revealed that computers in the industrial control system (ICS) environment have been attacked from January to September 2022 by diverse means not only in Nigeria but in other parts of Africa with the Middle East and Turkey (META) inclusive. It was also disclosed in the META region that in regions under protection of Kaspersky solutions, over 30 percent of ICS computers were blocked by harmful objects.
According to Kaspersky ICS CERT statistics – a global Kaspersky project that coordinates the efforts of industrial automation system vendors and industrial facility and ensures provision of unique services in aspects of industrial automation systems and internet-of-things cybersecurity to update on risks and empowering cybersecurity workforce– the global share estimate of the ICS computers blocked malignant objects equate to 31 percent. The statistics further asserted that APT attacks in coming months would most likely get more sophisticated.
Cyberattacks on ICS computers lead to production downtime.
ICS computers have their usage in many sectors and industries which include the automotive manufacturing, oil, energy, building automation infrastructures and many others to aid the performance of diverse OT functions such as Human Machine Interface (HMI), workstations of engineers and operators and Supervisory Control and Data Acquisition (SCADA) servers. Cyberattacks on ICS computers are visibly dangerous due to the loss of materials and production downtime which it causes for the controlled production line and the facility.
In the oil and gas industry, the computers were attacked often during the first three quarters of 2022 – January to September – with almost 40 percent of them suffering from the attack. In building automation systems, about 38 percent ICS computer were attacked. In the third most affected sector, the energy sector, about 36 percent of ICS computer faced targeted attacks. These attacks put many industrial services out of service, weakening the social, ecological and macroeconomic welfare of a region.
Attacks on industrial systems might get complex against major sectors.
Kaspersky estimated the attacks and blockage of malicious objects, from January to September, as visible on about 38 percent of ICS computers in the META region. These attacks came in diverse forms – about 28 percent of attacks on ICS infrastructure happened through the internet, almost 10 percent of the attacks happened through email clients, 7 percent of the attacks were carried out with the aid of removable media, and 0.9 percent were conducted through removable media.
According to estimation, 38.7 percent ICS computers in Nigeria also suffered blockages of malicious objects from January to September 2022. Attacks on the computers were also conducted in different means. 19 percent of the attacks were carried out from the internet, 3.5 percent were conducted email clients while 10.7 percent through removable media. Unfortunately, it was confirmed that in subsequent months, APT attacks on industrial systems might get sophisticated and targets will likely be logistics and transportation, agriculture and energy sectors.
Companies reduce budget on cybersecurity building higher threats.
In addition, Kaspersky asserted that in the remaining weeks in 2022 and Year 2023, there will be a rise of ransomware in ICS environments. This is apparent due to the possibility of ransomware attacks conducted manually and efficiently on ICS computers. However, Vladimir Dashchenko, Kaspersky Industrial Control Systems Cyber Emergency Response Team Expert, affirms that the situation has caused global instability which has caused global semiconductor shortage. As a result, companies have been made to reduce their budgets on cybersecurity which will breed a serious issue in 2022-2023 due to the rising threat landscape.