Friday, 26 April 2019 18:47

Kazakhstan entered in the countries top-15 on web attacks on technological computers

At a conference on information security of SOC Day 2019 which took place in of Nour-Sultan on April 12, 2019 Kaspersky Lab submitted the report on threats for the systems of industrial automation in Kazakhstan. Following the results of the second half of 2018 of the decision of the company prevented activity of various malicious applications for 41% of computers of the automated control systems (ACS) in the world. That is, practically every second computer in the technological environment of the enterprise underwent the attacks of malicious software. [Profit]

As experts consider, in most cases attempts of infection of ACS computers have accidental character, only the small percent falls to the share of the target attacks. The main sources of threats for computers in technological infrastructure of the organizations are the Internet, removable carriers (for example, USB sticks) and e-mail. In Kazakhstan in 36% of cases the threat to the ACS computer came from the Internet — on this indicator the country entered in top-15 the states in which technological computers most often were exposed to the web attacks.

Percent of ACS computers in the different countries on which threats from the Internet, the second half of the year 2018 were blocked

Following the results of the second half of 2018 the Kaspersky Lab ICS CERT team noted increase in number of ACS computers on which harmful post investments were blocked. In total in the world nearly 5% fell to the share of such threats.

Mailing of phishing letters with harmful investments became one of the main vectors of the attacks via e-mail in the industrial companies in the second half of the year 2018. Experts found a set of carefully prepared messages sent allegedly on behalf of the real-life companies and disguised under business correspondence (offers, invitations to participation in the tender, etc.). Moreover, analysts revealed use cases in phishing letters of legitimate documents which, most likely, were in advance stolen by malefactors for the subsequent development of the attack.

By estimates of Kaspersky Lab ICS CERT, in the second half of 2018 at least for 4.3% ACS computers in the world there were zadetektirovana Trojan spies, backdoors and keyloggers which in large quantities occur in the phishing letters distributed to the industrial companies. In most cases the purpose of these attacks is theft of confidential information, including for access to accounting systems that allows malefactors to steal money from accounts of the attacked enterprises.

"A situation with cyberthreats in the Republic of Kazakhstan rather difficult and if earlier we saw vulnerabilities of corporate networks and personal devices, then now malefactors, unfortunately, even more often attack complex industrial networks, threatening stable work of objects of KVOIKI in oil and gas, power, metallurgical and other industries — Evgeny Pitolin, the managing director of Kaspersky Lab in Kazakhstan and Central Asia says. — Only an integrated approach to production safety based on technologies of protection, deep analytics of cyberthreats, machine learning and regular increase in level of knowledge of employees will help the industrial enterprises of the country to resist successfully to cybermalefactors".