ABS Warns of Increasing Cyber Threat to Industrial Control Systems

File image

Published Mar 7, 2022 10:08 PM by The Maritime Executive

A new survey conducted for ABS Consulting finds that cyber threat actors are increasingly familiar with operational technology systems (OT) used to control industrial equipment, and "have conducted attacks that gain access and negatively impact operations and human safety."

According to the survey, ransomware groups are targeting industrial control systems using increasingly sophisticated attacks. Their motive is simple: taking over the software behind a physical asset is a way to ensure a larger, faster payout from the victim. 50 percent of survey respondents put ransomware at the top of the list of threats to industrial control systems today. 

Despite the threat, getting adequate resources to prevent or control intrusion is a challenge. Nearly half of respondents said that their organization does not have an internal 24/7 response team for OT/ICS incidents, which require specialized domain knowledge to handle. 

“This research concludes that industrial control systems can no longer be ignored,” said Ian Bramson, Global Head of Industrial Cybersecurity at ABS Group. “Organizations that take a ‘copy and paste’ approach to applying IT security tools, processes and best practices into an OT/ICS environment can expect problematic consequences.”

Hackers target human error

Phishing remains one of the most potent attack vectors for attempts to penetrate both IT and OT environments, and it is a pervasive problem for companies of all kinds, including maritime companies. On Monday, Hapag-Lloyd cautioned the shipping community to be wary of sophisticated phishing attacks using fake websites. The line has discovered a complete duplicate of its own site at a different domain name online, likely created by a threat actor to harvest login credentials from unwary users. 

The line's security team assessed that the fake copy of the site was "very likely to be used for a spear phishing attack." In this kind of scheme, the hacker sends scam emails to target users containing a link to the fake site. When they click on the link, they are directed to an exact copy of a legitimate web portal. If they attempt to log in, they are essentially handing their username and password to the threat actor. 

To make sure that its customers do not fall victim to this scam, Hapag-Lloyd advised all site users to check whether any emailed links actually direct them to a legitimate web domain name. A phishing mail analyzer can also assist with filtering out attempted attacks. To be absolutely certain, users can type a legitimate, known web address into their browser manually and log in via that portal, without clicking on any emailed links.