ICS-CERT Incidents report - 2016

Document created by Shlomi Feldman Employee on Mar 13, 2018
  • In 2016, 290 incidents were reported and investigated by the ICS-CERT.
  • The most attacked sectors were Communication (less relevant for this discussion), critical manufacturing, energy and water. We could expect high awareness and better security levels in critical manufacturing, energy and water, but still 48% of all incidents in 2016 were reported in these sectors.
  • About 5% of the incidents occurred in commercial, healthcare and public health facilities. I suspect that we will notice a growing trend and a larger number of incidents in these sectors during the next few years.
  • The most common (known) threat vector was spear phishing, still proving that attacks are drilling from the IT to the OT networks. This means that there is still much to do concerning segmentation between IT/OT networks and pure IT-side protection in the relevant sectors.
  • 25% of the incidents managed to intrude at some type of business level, and part of them even reached critical systems. We should be very troubled by the fact that the intrusion level of 40% of the incidents is still unknown.