Companies with operations in the fast growing economies of Southeast Asia are among the most vulnerable in the world to computer hackers, where successful attacks could spell problems for millions of customers or cost millions of dollars in lost business.
This was the finding of the latest report from cyber security firm Kaspersky Lab which warned that firms in the manufacturing sector were particularly exposed to threats like ransomware or data theft which could significantly compromise operations.
“The threats are in Southeast Asia is growing and companies have to protect against that,” Eugene Kaspersky, the firm’s founder and CEO, said during a conference late last week in Saint Petersburg, Russia.
In particular, the Russian IT billionaire pointed to vulnerabilities of firms relying increasingly on automation for their operations, specifically on industrial control systems (ICS) for processes prevalent anywhere – in manufacturing, in telecommunications, and in the energy sector.
The report showed that, for the first half of the year, manufacturing companies were most susceptible, with their ICS computers accounting for one-third of all cyber attacks.
The peak of attackers’ activity was registered in March, after which the proportion of computers attacked gradually declined from April to June.
During the first six months of the year, Kaspersky Lab’s products blocked attack attempts on 37.6 percent of several tens of thousands of ICS computers globally. This figure was marginally lower by 1.6 percentage points from the second half of 2016.
Most of them were in manufacturing companies. Other most affected industries include engineering, education, food and beverage.
ICS computers of energy companies accounted for almost 5 percent of all attacks.
The top three countries with attacked industrial computers remained the same from the previous period – Vietnam which accounted for 71 percent of case, Algeria with 67.1 percent, and Morocco with 65.4 percent.
Researchers detected an increase in number of attacks in China (57.1 percent), which came fifth, according to the data released by Kaspersky Lab.
Experts also concluded that the main source of threats was the internet, specifically attempts to download malware or access known malicious or phishing web resources which were blocked on 20.4 percent of ICS computers.
“The reason for the high statistics for this type of infection lies in unrestricted access and connection of industrial networks to the Internet, which threatens the entire industrial infrastructure,” the firm said.
In total, in the first six months of 2017 Kaspersky Lab detected about 18,000 different modifications of malware on industrial automation systems belonging to more than 2,500 different families.
The company also noted that, in the first half of the year, the world faced an epidemic of so-called ransomware, which locks out users from critical computers unless they pay fees to the hackers first.
Based on Kaspersky Lab’s research, the number of unique ICS computers attacked by encryption trojans had been increasing, and tripled by June 2017.
Overall, experts discovered encryption ransomware belonging to 33 different families. Most of the encryption trojans have been distributed through spam emails, disguised as part of the business communication, with either malicious attachments or links to malware downloaders.
“The fact that ICS computers in manufacturing companies accounted for about one third of all attacks, causes a great security concern, meaning high risks of cyberattack which could bring damage to enterprises’ industrial automation systems and serious consequences for businesses as a whole,” Kaspersky Lab’s head of critical infrastructure Evgeny Goncharov said.
“Taking into consideration that in the first six months of the year we observed the active distribution of encryption malware, which we believe is set to continue, the probability of a destructive attack is even higher,” he added.
/atm