01/20/2022 | News release | Distributed by Public on 01/20/2022 14:36
Legacy malware had the most detections in India, China, the US, and Taiwan. For coinminer, Equated malware, and WannaCry, India had the most detections. On the other hand, Japan had the most Emotet infections, while ICSs in Germany had the most adware incidents.
Through this extensive research, we found several malware threats that pose a great risk to ICSs. By identifying these threats, we can now determine various steps that your enterprise can take to better secure your industrial control systems.
But what does this information mean? This tells us several things:
Based on the detection data, we can conclude that modern malware such as the threats we discussed affect ICSs. It means both modern techniques like fileless malware and hacking tools and age-old methods like removable drive autorun can successfully infect ICS endpoints.
The stakes are also higher for some attacks. As illustrated by the Colonial Pipeline incident, ransomware attackers are into big-game hunting. They identify whom they were able to compromise and then determine key systems in the network that can cause the most disruption. After this, they coerce the victim into paying.
The presence of ransomware in ICSs in several attacks may indicate that attackers are now recognizing these systems and actively targeting them.
Security is paramount for ICSs
These findings mean security must be a major consideration when interconnecting the IT network with the OT network. Enterprises should address security issues brought about by both legacy malware and the latest attack trends.
Using malware detections as one of the criteria of IT/OT networks' cybersecurity readiness can help enhance their security posture and better protect ICS endpoints. This also helps prevent unintended downtime and the loss of view and control.
Moreover, IT security staff should work with OT engineers to properly account for key systems as well as identify various dependencies like OS compatibility and up-time requirements. They should also learn the process and operational practices and plan a suitable cybersecurity strategy for the protection of these important systems.
Other tips to secure your ICS endpoints
Apart from these recommendations, a robust cybersecurity solution can help future-proof an enterprise's ICS and its endpoints. As a leader in cybersecurity solutions, Trend Micro offers forward-looking products that address various needs, including ICS security. Check out our product page to learn more about our offerings.