Cybersecurity specialist Kaspersky reports a worrying increase in cyberattacks against oil and gas infrastructure. In 2023, they have progressed quite significantly.
During the second half of 2023, cyber attacks targeting companies in the oil and gas sector increased. This is according to data reported by Kaspersky’s Industrial Control Systems Cybersecurity Emergency Response Team (ICS CERT). The publisher highlights the still remarkable evolution of the techniques used by attackers.
Cybercriminals continue to evolve their techniques, which work more or less depending on the region of the globe.
More generally, Kaspersky’s analysis reveals a decrease in attacks against operational technology (OT) computers, with the ratio of affected devices falling from 34% to 31.9% from the first to the second half of the year. However, the threat landscape remains very diverse. OT computers are still largely targeted by attacks via the Internet (18.1%), followed by those affecting email clients (4%) and removable media (1.9%).
A more worrying observation concerns the 1.4-fold increase in control systems dedicated to controlling industrial equipment (ICS) on which mining executable programs for Windows have been blocked. For the publisher, this increase highlights the evolution of tactics towards the exploitation of vulnerabilities and ICS infrastructure, for obviously lucrative purposes.
Malicious activity blocks also vary by region, as noted in the report. In Africa, the percentage of computers on which hacker attacks were prevented reached 38.2% in the last half of the year, compared to 14.8% in Northern Europe. Southern Europe is one of the very good students in this area. Likewise, support for IT security issues differs depending on the country. In Yemen, there were 56.6% of attacks blocked, compared to only 7.4% in Iceland.
The oil and gas sector is one of the few to see an increase in computers attacked
In more detail, Kaspersky notes that building automation is the most targeted sector. The oil and gas sector saw an increase worth watching in the second half of 2023, beyond 31%, in the percentage of OT computers on which malicious objects were blocked.
Overall, other sectors are rather in decline, such as energy, automation construction, ICS engineering and integration, and manufacturing. “ Although the overall exposure of global OT infrastructure to cyber threats has decreased in the second half of 2023, industrial companies must continue to fortify their defenses and stay ahead of ever-evolving threats », notes Evgny Goncharov, head of ICS CERT at Kaspersky.
Experts recommend that companies conduct regular assessments of the security of their OT systems, ongoing vulnerability management, update key components, use EDR solutions and strengthen the skills of their teams. security.
0