News & Comment: Threat Landscape for Industrial Automation Systems in H1 2018

A new report from Kaspersky Lab reveals that 41.2 percent of industrial control systems (ICS) computers were attacked by malicious software at least once in the first half of this year. This is from an analysis of systems protected by Kaspersky Lab solutions, which shows that in 2017, the percentage of ICS computers attacked was 36.61 in the first half of the year and 37.75 in the second half

Comment:

Tim Erlin, VP, product management and strategy at Tripwire, commented:

“It’s important to view these results in the context of the sample set. The results all come from systems protected by Kaspersky’s product, which means that they include only organizations that took the step to install security software. It also excludes systems that Kaspersky doesn’t support. It’s reasonable to conclude that these metrics under-represent the reality of attacks against ICS systems overall.

“It’s time to move on from describing the threat to industrial control systems to actual solutions. The majority of successful attacks take advantage of basic vulnerabilities and misconfigurations; risks which can be effectively mitigated with strong, foundational security controls.”