Threats Continue Plaguing Oil & Gas Sector: Report

Key insights

• The analysis says: “The percentage of ICS computers on which malicious objects were blocked grew from 38% in H2, 2019 to 39.9% in H1, 2020 in the building automation industry and from 36.3% to 37.8% in the oil and gas industry.”
• This rise in the percentage of ICS attacks is noteworthy due to heightened exploitation of Remote Desktop Protocol (RDP) between February to June, 2020.
• Meanwhile, sectors including energy, engineering & integrations, and automotive engineering witnessed a dip in cyberattacks.
• As for regional statistics, Asia (Southeast Asia specifically), Africa, Southern, and Eastern Europe saw the highest percentage of ICS attacks followed by Australia, Europe, the U.S., and Canada.

Top threat sources

• The top threat sources are the same as earlier, such as internet threats (16.7%), removable media (5.8%), and malicious email attachments (3.4%).
• The researchers have observed more families of backdoors, spyware, Win32 exploits, and malware built on the .Net platform belonging to over 4,100 families and worms written in script languages, specifically Python and PowerShell.

Recent incidents and warnings in automation

• In August, the FBI issued a warning stating that Russian hackers have been scanning the internet to find critical infrastructure providers, particularly in the energy sector.
• In the same month, another report by Trend Micro suggested that attackers may be abusing the industrial programming languages to attack robots and programmable manufacturing properly
• In July, EKANS ransomware was found targeting a variety of methods to compromise key industrial companies following an earlier campaign in February.

Worth noting