ICS (Industrial Control System) or SCADA have faced large volumes of attacks from notorious threat actors in the recent past. Be it the China-linked group RedEcho targeting the Indian power sector or an unidentified cybercriminal attempting to poison Florida city’s water supply and treatment plant, the attacks have not just evolved but have become a “life-threatening” affair. Backing these citations, a report from Kaspersky now confirms that 33.4% of ICS computers worldwide were hit by a cyberattack in H2 2020.
The report from Kaspersky titled, “The Industrial Control System Threat Landscape 2020,” is based on the data received from ICS computers that are running Kaspersky security products and hosted in networks of industrial infrastructures. Kaspersky researchers observed a downward trend in H2 2019 and H1 2020 when it came to cyberattacks targeting the ICS infrastructure.
As per statistics, the percentage of ICS computers targeted with a cyberattack in the second half of the year was 33.4%, which was 0.85% more than the number in H1 2020. In other key observations of the report, the ICS computers targeted on a global level with ransomware attacks dropped from 0.63% in H1 2020 to 0.49% in H2 2020. However, when it came to developed nations, these numbers saw a contrasting surge. The U.S. and Canada saw a +0.25% spike, whereas Australia with +0.23% and Western Europe with +0.13% were not lagging either. One of the most surprising names in this list though is Saudi Arabia. The country saw the maximum growth in the number of attacks with a +8.2% rise.
Apart from this, Kaspersky researchers termed the COVID-19 remote working scenario as one of the prime reasons why threat actors were majorly targeting the ICS infrastructure’s RDP setup. The majority of the attacks took place through this and we already mentioned one such example.
For a brief overview of the other findings from the report, refer the infographic below: