The U.S. Department of Homeland Security's IndustrialControl Systems Cybersecurity Emergency Response Team (ICS-CERT) detected arise in reported cyberattacks against critical manufacturing organizations in2015, according a newICS-CERT report.
During ICS-CERT's previous fiscal year, which ended in September 2015,there were 295 reported cyberattack incidents involving U.S. criticalinfrastructure. Of those, 97 incidents, or 33 percent, affected the criticalmanufacturing sector. By contrast, critical manufacturing represented only 27percent of cyberattacks in FY 2014 (65 incidents). The report ascribed thisincrease to a pervasive spear phishing campaign in 2015 that focused primarilyon manufacturers.
The report also stated many of the 295 reported attacks exploited “insufficientlyarchitected networks such as ICS networks being directly connected to the Internetor to corporate networks.” Spear phishing accounted for 37 percent of the totalincidents.