Massive spyware threat to Africa’s industrial control systems

By Christopher Tredger, Portals editor
Johannesburg, 16 Mar 2023

Computers within industrial control systems (ICS) running Africa’s energy sector were the most targeted by cyber attacks in the second half of 2022. The continent also tops regional rankings with the most ICS computers targeted by malware using removable devices.

This is according to Kaspersky ICS CERT market research, which found the company blocked spyware on 12% of ICS computers in Africa – the highest figure globally.

Kaspersky says in the Middle East the figure stands at 9.8% and in South-East Asia at 10%, which are also high figures.

“Indeed, for Africa, attacks using malicious scripts are more frequent, but in terms of the share of attempted attacks using spyware the African region is ahead of other regions, which is why we singled it out,” the company adds.

Other malware categories blocked on ICS in Africa include malicious scripts (14%) and denylisted (blocked) internet resources (13%). Malicious scripts and phishing pages (JavaScript and HTML) are distributed both online and via email. A significant part of denylisted internet resources is used to send out malicious scripts and direct users to phishing pages.

Denylisted (blocked) internet resources are web resources that are marked as restricted and malicious in Kaspersky systems.

“Whenever an ICS that is protected by Kaspersky wants to interact with a web resource of this kind, our solutions block this interaction. One of the reasons Kaspersky blocks/denylists a web resource is because our analysis shows that it is used to send out malicious scripts and engages in phishing,” the company continues.

Kaspersky adds that in 2022 the company’s security solutions globally blocked 6% more malware families on industrial automation systems than in the first half of the year and 147% more than in the second half of 2021.

In Africa, the most targeted industries in the second half of 2022 were energy (in this sector attacks were blocked on 44% of ICS computers), engineering (42%) and oil & gas (41%).

Kirill Kruglov, senior researcher at Kaspersky ICS CERT, says, “Overall, 2022 stands out for its abnormal absence of any seasonal changes. Our team observed a steadily high rate of attacks on industrial sectors – without a typical drop in attacks during the European summer vacations or winter holidays period. However, the growing attack rates in industrial sectors, that are being conducted using social engineering, seem alarming. We strongly recommend customers in these sectors to revise their existing approach to security and check whether all security systems are up-to-date and their personnel well-trained.”
