Kathy Gibson is with Kaspersky Lab in Cape Town – Industrial systems are extremely vulnerable to cyberattacks, particularly those in Africa.
Amin Hasbini, head of Global Research and Analysis Team at Kaspersky Lab, points out that the most vulnerable systems are those used in critical manufacturing, energy, water and waste-water systems, followed by agriculture and chemical operations.
In Africa, a massive 60% of systems are vulnerable.
The reasons are many and varied, Hasbini says. “In many countries there is a lack of awareness that these systems are actually connected,” he says. “A lot of organisations don’t realise that their services are exposed online and can be controlled.
“And many of them don’t realise they need to be patched or maintained.”
Sergey Novikov, deputy director: Global Research and Analysis Team at Kaspersky Lab, urges organisations to increase their awareness of these threats, particular in light of the fact that targeted attacks are increasing.
Advanced persistent threats (APTs) are dangerous because attackers are looking for specific and targeted outcomes, such as high-profile information.
Novikov explains that APTs are extremely hard to detect and almost impossible to get rid of. “And even if you do get rid of them, they come back again.”
APTs get into the system via a number of avenues, Hasbini adds. These include spear phishing, social networks and instant messaging, watering holes, hospitality networks or USB drives.
Advanced tools include factoring RSA keys, live modification of operating system updates, operating system boot process orchestration, jailbreaking and more.
The prevalence of APT attacks is becoming more widespread, with some very public incidents coming to light.
A recent attack was ShadowHammer, an infection that targeted the laptop manufacturer Asus. Once the website was infected, all Asus laptop users automatically received malicious updates.
Kaspersky Lab believes the sophisticated malware affected hundreds of thousands of users worldwide.
Other recent attacks include TajMahal, a rare and advanced cyberespionage platform, and Operation SneakyPastes that targeted journalists.