JAKARTA - Kaspersky ICS CERT has detected a wave of targeted attacks on military-industrial complex companies and public institutions in several Eastern European countries and Afghanistan. Cybercriminals can take control of a victim's entire IT infrastructure for industrial espionage purposes.

By January 2022, Kaspersky researchers had also witnessed several follow-up attacks on military companies and public organizations. The main purpose of such attacks is to access the company's personal information and to gain control over IT systems.

The attack is intended to let the attackers impersonate arbitrary user accounts in an organization and search for documents or other files containing sensitive organization data. The data is then exfiltrated to the attackers' servers hosted in various countries.

“As a result, simply changing the password or blocking the compromised account will not be enough. Our advice is to carefully check all suspicious activity and rely on a reliable security solution,” said Vyacheslav Kopeytsev, a security expert at Kaspersky ICS CERT.

To keep ICS computers protected from various threats, Kaspersky experts recommend the following for businesses:

  • Regularly update the operating system and application software that are part of the corporate network. Apply security fixes and patches to IT and OT network equipment as soon as they become available.
  • Conduct periodic security audits of IT and Operational Technology systems to identify and eliminate possible vulnerabilities.
  • Use ICS network traffic monitoring, analysis, and detection solutions for better protection from attacks that could potentially threaten technology processes and key enterprise assets.
  • Conduct dedicated security training for IT security teams and Operational Technology technicians, to improve response to new and advanced malicious techniques.
  • Provide the security team responsible for protecting industrial control systems with up-to-date threat intelligence. Our ICS Threat Intelligence Reporting Service provides insight into current threats and attack vectors, as well as the most vulnerable elements in industrial control systems and how to mitigate them.
  • Use security solutions for operational and network technology endpoints, such as Kaspersky Industrial CyberSecurity, to ensure comprehensive protection for all industry-critical systems.
  • Protecting IT infrastructure is equally important. Integrated Endpoint Security protects enterprise endpoints and enables automated threat detection and robust response capabilities.
