Story & photo By Oliver Samson | Correspondent
KASPERSKY Lab ZAO executives cautioned the country’s industrial sector on the growing threats to Industrial Control Systems (ICS) and critical infrastructures, urging for cyber-security measures.
The disruption to the operations can bring massive losses to the industry, Kaspersky executive Vikram Kalkat said in a news briefing in Manila.
According to Kalkat, attackers might assault critical industries like in energy, food manufacturing, oil and gas, transportation, finance and health.
“A minute an industry is down may cost $5 million of losses,” said Kalkat, Kaspersky Lab global business development senior key account manager. The attacks on ICS and critical infrastructures could sabotage a state’s economic as well as national security, the Russian cybersecurity firm said in a statement.
Angel T. Redoble, one the country’s cybersecurity specialist, agreed.
In a recent interview, Redoble, founder and president of the Philippine Institute of Cyber Security Professionals (PICSPro), the country’s economic and national security would be compromised when its critical industries would be assaulted.
One of the attackers assaulting industrial and critical facilities is the Equation Group (EG), Kaspersky Lab said adding the EG, detected in 2015, exploits Advanced Persistent Threat (APT). Since 2001, the EG has been targeting infrastructure networks belonging to telecommunications, energy, nuclear research, oil and gas, military, nanotechnology and transportation in over 30 countries, the firm said.
In December of the same year, some 230,000 inhabitants in Ukraine also suffered from hours of power outage after a massive cyberattack, Kaspersky Lab said.
The BlackEnergy malware (malicious software) was responsible in the attack on power in Ukraine, the firm added.
“The BlackEnergy APT has been actively trying to control ICS, energy, government and media in Ukraine as well as ICS/SCADA companies and energy companies worldwide,” Kaspersky Lab said.
The attackers took down the call center of the electric utility with telephone denial-of-service (TDoS) attack to prevent power consumers from reporting the situation.
“As more critical and industrial facilities are being automated and connected to the Internet, government and private sectors should also pay attention to the cybersecurity of these vital infrastructures,” said Sylvia Ng, Kaspersky Lab Southeast Asia General Manager. “These networks require tougher defences as successful attacks against them can result to virtual and physical harm.”
Industrial cybersecurity is the new challenge, Kalkat noted.
“Operation technology of the critical infrastructure should focus on infrastructure availability of automated systems rather than only date confidentiality,” he said. “There is an urgent need for specialized solutions to combat this threat.”
Image credits: Oliver Samson