Fortinet research: last time considerably grew number of attacks on enterprise systems and networks
Fortinet, producer of integrated and automatized solutions in information security, published a research, dedicated to threats in the area of industrial networks.In the research, for evaluation of SCADA-system and APCS protection was conducted analysis of data, obtained by FortiGuard Labs specialists.
According to the report, in 2018 substantially grew number of attacks on outdated software of enterprise networks, regardless of the location and type of the enterprise.
“After analysis of data for 2018, researchers noticed a bulk of IT-based attacks, and majorly on enterprise networks, software of which was not updated. On the other side, such actions to IT—systems are not effective any more. Besides, observed increase in the number of attacks against SCADA and ICS” – said in the report.
Aside from attacks on outdated enterprise networks, 85% of new threats were discovered on devices with Classic, BACnet and Modbus. Fortinet expects also noted skyrocketing in the number of exploits. According to the reports, now exist exploits for SCADA-systems and APCS of all producers.
Analysis of data showed that cybercriminals use in their interests absence of standardized protocol for enterprise networks. As a rule, such attacks aim target the most vulnerable parts of these networks. Usage of protocols that have no united standard and that differ depending on systems’ functions, location of the enterprise and industry, complicates development for decisions for enterprise networks.
Read also: DoS-attack in the US caused power station failure
According to the research, risks, linked to IT/OT convergence, are quite real, and should be seriously discussed in any organization where industrial networks are connected to IT-networks.
Attackers continue to use slower cycles of substitution and updates of technologies on enterprises, concluded experts.
The best way to counter this new reality is by adopting and implementing a comprehensive strategic approach that simplifies the solution, and involves IT and OT experts throughout an entire organization.