Kaspersky and SADAFCO join forces to boost cyber literacy in the Middle East’s critical infrastructure sector. The partnership aims to raise awareness of the latest cyber threats and provide organisations with the knowledge and tools to protect their OT systems.
Kaspersky and Saudia Dairy and Food Stuff Company (SADAFCO) joined efforts to share best practices and elevate cybersecurity awareness within the critical infrastructure sector in the Middle East.
According to the ICS CERT landscape report by Kaspersky, malicious objects of all types were detected and blocked on 34% of Industrial Control System (ICS) computers in the first half of 2023. In the Middle East, attacks were detected on 36.8% of ICS computers over this period, which is higher than the global average. The top industries under attack were energy (38.4%), oil & gas (31.0%), and manufacturing (21.4%). All these attacks were blocked after detection.
ICS computers are used in oil & gas, energy, automotive manufacturing, building automation infrastructures and other spheres to perform a range of OT functions – from the workstations of engineers and operators to supervisory control and data acquisition (SCADA) servers and Human Machine Interface (HMI). Cyberattacks on industrial computers are considered extremely dangerous as they may cause material losses and production downtime for the controlled production line and the facility as a whole. Moreover, industrial enterprises put out of service can seriously undermine a region’s social welfare, ecology and macroeconomics.
There are different types of cyber threats that Industrial Control Systems face – malicious scripts, spy trojans, worms, and ransomware, among others. The Middle East was one of the regions with the highest percentage of ICS computers on which malicious scripts and phishing pages were blocked in the first half of 2023 (14.3% in the Middle East compared to the 12.7% global average). Malicious scripts serve a broad range of goals: from collecting data, tracking and forwarding users to malicious websites and downloading various malware, such as spyware and/or covert crypto miners, to the system or the browser.
Spyware is another prominent threat to ICS. The Middle East had a high percentage of ICS computers on which spyware was blocked in the first half of 2023 (8.3%). The global average stands at 6.1%.
The Middle East was also one of the regions with the highest percentage of ICS computers attacked by ransomware in the first half of 2023 (0.56% vs. 0.32% global average).
Mission-critical applications heavily leveraged within the critical infrastructure sector are often used as gateways or targets of evolving cyber threats. Ensuring compliance with data privacy legislation regarding data collection, handling, storage, deletion and governance of third-party partners has become mandatory to mitigate the consequences.
“The food industry is part of the critical infrastructure sector and protecting it against evolving cyberattacks from different threat actors is a national priority in Saudi Arabia. As digital transformation gains momentum, cybersecurity must be vital, from the product evaluation and development stage to testing and delivery. While technical defences are crucial, so is awareness among the workforce. We strongly believe that training and education need to be a continuous process. Our measures at SADAFCO are designed to the highest possible standards and follow three core tenets – cybersecurity training, communication and accountability. We have implemented an annual calendar of targeted cybersecurity training and education activities endorsed at all levels of our business management team. We are pleased that we have taken steps to protect our company and thereby contribute to safeguarding critical industries in Saudi Arabia,” said Shrikanth Andali, CIO at Saudia Dairy and Food Stuff Company.
“When it comes to ICS, all world regions have their specifics. The Middle East is a major global energy hub, with numerous critical infrastructure facilities, including oil and gas refineries. Protecting these facilities from cyber threats is paramount to ensuring a stable energy supply worldwide. It should also be noted that many Middle Eastern countries are undergoing rapid industrialisation and modernisation, often involving deploying new ICS technologies. These systems may not have robust cybersecurity measures, making them potential targets,” comments Evgeny Goncharov, Head of Kaspersky ICS CERT. “By understanding the risks related to ICS, organisations can make informed decisions, allocate resources wisely, and efficiently fortify their defences. In doing so, they protect their bottom line and contribute to a safer and more secure digital ecosystem for all.”
To understand the ICS threat landscape, meet the Kaspersky experts at Stand H25-A30, Hall 25 at GITEX Global 2023, or read more here.
To keep your OT computers protected from various threats, Kaspersky experts recommend:
- Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues.
- Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique, actionable information only partially available to the public.
- Performing timely updates for the key components of the enterprise’s OT network, applying security fixes and patches, or implementing compensating measures as soon as possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process.
- Using EDR solutions such as Kaspersky Endpoint Detection and Response for timely detection of sophisticated threats, investigation, and effective remediation of incidents.
- Improving the response to new and advanced malicious techniques by building and strengthening your teams’ incident prevention, detection, and response skills. Dedicated OT security training for IT security teams and OT personnel is one of the key measures helping to achieve this.
To equip your organisation with the right knowledge and tools, SADAFCO recommends:
- With one wrong click potentially having major security consequences, educating and training the workforce must be a priority; it is the first line of defence against malicious attacks.
- Implement robust Environmental, Social, and Corporate Governance (ESG) practices that ensure strategic and operational alignment across all parts of the business.
- Review and evaluate cybersecurity and data privacy governance processes.
- Track your company KPIs against committed ESG metrics.
- Maintain transparency on cybersecurity measures across all workforce levels via regular corporate communications.