• 时时彩百分百双胆命中美团外卖部分店铺涉嫌超范围经营 503家店尚未亮许可证 2018-05-28
  • 北京快乐八属于违法么西甲-苏神内马尔破门 梅西替身进球 巴萨5-0胜 2018-05-24
  • 天津时时彩五星和值走势图央视解说:国安亚冠门票还有机会 换帅非常值得 2018-05-24
  • 天津时时彩五星基本走势省委秘书长车后座放镇党委书记请托的40万美金 2018-05-19
  • 重庆时时彩和值走势图印度在中印边界修建73条战略要道 近一半已完成 2018-05-14
  • 重庆时时彩冷热号乌克兰两议员上节目发生口角 演播室外拳脚相向 2018-05-14
  • 重庆时时彩万位杀号周末影响市场重要资讯回顾 2018-05-13
  • 天津时时彩龙虎走势港股恒指本周跌1.6% 华润置地领跌蓝筹 2018-05-11
  • 天津时时彩彩国足vs叙利亚前瞻:高帅主动争胜 临门一脚求量变 2018-05-11
  • 优博时时彩平台网址炒房炒股补贴三套路扮靓业绩 福建水泥炒股赚1亿 2018-05-07
  • 重庄时时彩开奖记录黄渤获女粉丝送花一脸懵 机场引众人围观 2018-05-05
  • 天津时时彩前3走势图中方编队指挥员:世界关注中俄演习 不会回避 2018-05-02
  • 时时彩缩水做号工具黄子韬翻唱周杰伦这么好听?网友:耳朵怀孕 2018-05-01
  • 天津时时彩3月5号开奖号码中国富豪引领全球财富增长 1.2万人掌控1.7万亿美元 2018-04-28
  • 时时彩现场开奖视频39家*ST公司七成靠重组保壳 问题频出多家企业遭问询 2018-04-28
  • 天津时时彩论坛 > 工控新闻资讯 > 卡巴斯基报告:能源和工控系统集成公司面临最高的网络攻击风险
    卡巴斯基报告:能源和工控系统集成公司面临最高的网络攻击风险

    Kaspersky Report: Energy and ICS Integration companies face highest chance of cyberattack
    卡巴斯基报告:能源和工控系统集成公司面临最高的网络攻击风险

    A report from Kaspersky Lab found that in the second half of 2017, nearly 40 percent of all industrial control systems (ICS) in energy organizations protected by Kaspersky Lab solutions were attacked by malware at least once – closely followed by 35 percent of engineering & ICS integration networks.

    卡巴斯基实验室发布的一份报告发现,在2017年下半年,受卡巴斯基实验室解决方案?;さ哪茉醋橹?,有近40%的工业控制系统(ICS)至少遭到一次的恶意软件攻击,紧随其后的是35%的工程和工控系统集成网络。

    The Kaspersky Lab report, “Threat Landscape for Industrial Automation Systems in H2 2017,” also found that for all other industries (manufacturing, transportation, utilities, food, healthcare, etc.) the proportion of ICS computers attacked ranged from 26 percent to 30 percent on average. The vast majority of detected attacks were accidental hits.

    这份“2017年下半年工业自动化系统威胁情况”卡巴斯基实验室报告还发现,对于所有其他行业(制造业、交通运输业、公用事业、食品、医疗保健等)而言,工控系统计算机遭受攻击的比例平均介乎26%到30%之间。绝大多数检测到的攻击都是意外击中。

    The cybersecurity of industrial facilities remains an issue that can lead to very serious consequences affecting industrial processes, as well as businesses losses. While analyzing the threat landscape in different industries, Kaspersky Lab ICS CERT recorded that nearly all industries regularly experience cyberattacks on their ICS computers. However, there are two industries that were attacked more than others – energy organizations (39%), and engineering and ICS integration businesses (35%).

    工业设施的网络安全仍然是一大问题,可能导致影响工业流程的严重后果,造成企业损失。在分析不同行业的威胁情况时,卡巴斯基实验室工控系统网络应急响应小组记录了几乎所有行业其工控系统计算机日常遭受的网络攻击。但有两个行业较其他行业受到的攻击更多,那就是能源机构(39%),以及工程和工控系统集成业务(35%)。

    1

    The sector that demonstrated the most noticeable growth of ICS computers attacked during the second half of 2017 (compared to the first half of 2017) was construction, with 31 percent attacked. The relatively high percentage of attacked ICS computers in the construction industry compared to the first half of 2017 could indicate that these organizations are not necessarily mature enough to pay the required attention to the protection of industrial computers. Their computerized automation systems might be relatively new and an industrial cybersecurity culture is still being developed in these organizations.

    在2017年下半年(与2017年上半年相比),工控系统计算机受攻击上升最为明显的行业是建筑业,有31%受到攻击。与2017年上半年相比,建筑行业受到攻击的工控系统计算机的比例相对较高,这可能表明这些机构未必足够成熟,无法对工业计算机的?;じ璞匾墓刈?。他们的计算机自动化系统可能相对较新,并且这些组织仍未确立工业网络安全意识。

    The lowest percentage of ICS attacks – 15 percent – has been found in enterprises specializing in developing ICS software, meaning that their ICS research/development laboratories, testing platforms, demo stands and training environment are also being attacked by malicious software, although not as often as the ICS computers of industrial enterprises. Kaspersky Lab ICS CERT experts point to the significance of ICS vendors’ security, because the consequences of an attack spreading over the vendor’s partner ecosystem and customer base could be very dramatic – as seen during the ExPetr malware epidemic.

    专注于开发工控系统软件的企业受攻击比例最低,仅为15% ,不过这意味着这些工控系统研究/开发实验室、测试平台、演示台和培训环境也会受到恶意软件的攻击,尽管不像工业企业的工控系统计算机那么频繁??ò退够笛槭夜た叵低惩缬毕煊π∽樽伊酥赋龉た叵低彻┯ι贪踩闹匾?,因为对供应商合作伙伴生态系统和客户群的攻击蔓延的后果可能非常强烈——正如ExPetr恶意软件流行期间所发生的。

    Among the new trends of 2017, Kaspersky Lab ICS CERT researchers have discovered a rise in mining attacks on ICS. This growth trend began in September 2017, along with an increase in the cryptocurrency market and miners in general. But in the case of industrial enterprises, this type of attack can pose a greater threat by creating a significant load on computers, and as a result, negatively affecting the operation of the enterprise’s ICS components and threatening their stability.

    在2017年的新趋势中,卡巴斯基实验室工控系统网络应急响应小组的研究人员发现了对工控系统挖矿攻击的增加。这种增长趋势始于2017年9月,伴随加密货币市场火爆和矿工总体增加。但对工业企业而言,这类攻击可能会对计算机造成重大负担从而构成更大的威胁,对企业的工控系统组件的运行产生负面影响并威胁其稳定性。

    Overall, during the period from February 2017 to January 2018, cryptocurrency mining programs attacked three percent of industrial automation system computers, in most cases accidentally.

    总的来说,在2017年2月至2018年1月期间,加密电子货币挖掘程序攻击了3%的工业自动化系统计算机,绝大多数是意外攻击。

    Other highlights from the report include:
    报告的其他亮点包括:

    • Kaspersky Lab products blocked attempted infections on 38% of ICS computers protected by them. This is 1.4 percentage points less than in the second half of 2016.
    • The internet remains the main source of infection with 22.7% of ICS computers attacked. This is two percent higher than in the first six months of the year. The percentage of blocked web-borne attacks in Europe and North America is substantially lower than elsewhere.
    • The top five countries by percentage of ICS computers attacked has remained unchanged since reported in the first half of 2017. This includes Vietnam (70%), Algeria (66%), Morocco (60%), Indonesia (60%) and China (60%).
    • In the second half of 2017, the number of different malware modifications detected by Kaspersky Lab solutions installed on industrial automation systems increased from 18,000 to over 18,900.
    • In 2017, 11% of all ICS systems were attacked by botnet agents, a malware that secretly infects machines and includes them in a botnet network for remote command execution; the main sources of attacks like this were the internet, removable media and email messages.
    • In 2017, Kaspersky Lab ICS CERT identified 63 vulnerabilities in industrial systems and IIoT/IoT systems, and 26 of them have been fixed by vendors.

     

    • 有38%的受卡巴斯基实验室产品?;さ墓た叵低臣扑慊庥龉セ?,比2016年下半年减少1.4个百分点。
    • 互联网仍然是主要感染源,有22.7%的工控系统计算机遭受攻击,比当年前六个月高出两个百分点。欧洲和北美网络攻击受阻的比例明显低于其他地区。
    • 自2017年上半年报告以来,工控系统计算机遭受攻击的前五位国家百分比保持不变。其中包括越南(70%),阿尔及利亚(66%),摩洛哥(60%),印度尼西亚(60%)和中国( 60%)。
    • 在2017年下半年,安装在工业自动化系统上的卡巴斯基实验室解决方案检测到的不同恶意软件修改数量从18,000个增加到18,900个以上。
    • 2017年,所有工控系统中有11%受到僵尸网络代理的攻击,这是一种恶意软件,它会秘密感染机器并将其包含在僵尸网络中以执行远程命令,这种攻击的主要来源是互联网、可移动媒介和电子邮件。
    • 2017年,卡巴斯基实验室工控系统网络应急响应小组发现了工业系统和工业物联网 / 物联网系统中的63个漏洞,其中26个已被供应商修复。 

    “The results of our research into attacked ICS computers in various industries have surprised us, “said Evgeny Goncharov, head of Kaspersky Lab ICS CERT. “For example, the high percentage of ICS computers attacked in power and energy companies demonstrated that the enterprises’ effort to ensure cybersecurity of their automation systems after some serious incidents in the industry is not enough, and there are multiple loopholes still there that cybercriminals can use.”

    卡巴斯基实验室工控系统网络应急响应小组负责人Evgeny Goncharov表示:“我们对各行业受攻击工控系统计算机的研究结果让我们感到惊讶。例如,电力和能源公司遭受工控系统计算机攻击的比例很高,这表明企业在行业发生严重事故后确保其自动化系统网络安全的努力是不够的,留给网络犯罪分子利用的漏洞仍然很多。”

    Kaspersky Lab ICS CERT recommends the following technical measures to be taken:
    卡巴斯基实验室工控系统网络应急响应小组建议采取以下技术措施:

    • Regularly update operating systems, application software and security solutions on systems that are part of the enterprise’s industrial network.
    • Restrict network traffic on ports and protocols used on the edge routers and inside organization's OT networks.
    • Audit ICS component access control in the enterprise’s industrial network and at its boundaries.
    • Deploy dedicated endpoint protection solutions onto ICS servers, workstations and HMIs to secure OT and industrial infrastructure from random cyberattacks.
    • Deploy network traffic monitoring, analysis and detection solutions for better protection from targeted attacks.

     

    • 定期更新企业工业网络系统中的的操作系统、应用软件和安全方案。
    • 限制边缘路由器和企业运营网络内使用的端口和协议的网络流量。
    • 在企业工业网络及其边界内,审核工控系统组件访问控制。
    • 将专用端点?;そ饩龇桨覆渴鸬焦た叵低撤衿?、工作站和人机界面上,以?;ぴ擞凸ひ祷∩枋┟馐芩婊绻セ?。
    • 部署网络流量监控、分析和检测解决方案,以更好地防范有针对性的攻击。
    版权声明:本文由中华工控网翻译整理,任何媒体和个人全部或部分转载必须注明出处。

    工控产品体验中心活动

    菲力尔
      寄语 | 关于我们 | 联系我们 | 广告服务 | 本站动态 | 友情链接 | 法律声明 | 非法和不良信息举报  
    工控网客服热线:0755-86369299
    版权所有 中华工控网 Copyright@2008 www.dfew.com.cn, All Rights Reserved

    天津时时彩论坛
    网安备案编号:4403303010105