More Industrial Systems Attacked Since the Pandemic Began: What You Need to Know


Industrial systems have been suffering an increased rate of cyberattacks since the COVID-19 pandemic started, data shows.

The perspective we address today comes from a report by the Russian security firm Kaspersky, whose data shows worrisome signs of cybercriminals working around the clock since the forced transition to working from home (WFH).

The Data

Kaspersky released a report covering the industrial cybersecurity situation during the first half of 2020. The data shows that the number of cyberattacks targeting RDP (Remote Desktop Protocol) on industrial systems has increased significantly since February, precisely when most countries around the world began to shut down due to the pandemic.

Along these lines, the first six months of 2020 saw a consistent increase in brute-force attacks against RDP passwords on Kaspersky-protected systems. The numbers, which are above average in comparison with previous years, show a cybersecurity reality directly linked to the COVID-19 pandemic.

The findings come from monitored SCADA servers, OPC systems, devices linked to industrial network management, devices linked to industrial automation software, HMIs, and engineering and operator workstations. All of these devices are high-priority targets for cybercriminals with an interest in operational technology (OT).

The internet was the main channel used to carry out these attacks, followed by removable devices and email. The report also shows more than 19,000 malware variants from 4,100 families, numbers that remain consistent with previous semesters.

The Developing World as the Main Target

According to Kaspersky’s report, the threat targeting RDP on industrial systems is especially real in Asian and African countries. It seems that cybercriminals are more attracted to these regions due to the implementation of less effective security technologies, even in industrial setups.

Today, the consequences of less effective security technologies are more severe than in 2019. COVID-19 has magnified the risks posed by online threats, as workers operate remotely, are often connected to unsecured networks, and make more frequent mistakes and follow poor cybersecurity practices.

Remote work, abruptly forced upon industrial organizations by the COVID-19 pandemic, increased the dependency on RDP for successful operations. Unfortunately, industries in developing countries were not only using less effective cybersecurity technologies but were also less prepared to transition safely to WFH.

Using the Right Technologies

This data is another valuable lesson in how COVID-19 is currently changing cybersecurity as a whole. Industrial systems in particular are attractive targets for malicious parties looking for profit.

RDP, vulnerable as it is, offers major opportunities to criminals when organizations don’t implement the right technologies for protection.

In this kind of environment, state-of-the-art cybersecurity solutions such as Julie Security can offer reliable protection of these sensitive systems. Successful attacks against RDP on industrial systems are fully preventable when the right technologies are deployed.
