This report provides a summary of cyber incidents, onsite deployments, and associated findings from the time ICS-CERT was established in 2009 through the end of 2011. The report is divided into three main sections:
1. The first section gives a summary of incident reports and outlines major highlights for each year. Statistics are given for incident response support as well as onsite deployments;
2. The second section examines the onsite response efforts in detail and gives a summary of each deployment;
3. The third section presents common findings from onsite vulnerability assessments and discusses security gaps that asset owners should address to improve the secure posture of their systems.
The first relevant information is how the number of incidents reported skyrocketed from 9 in 2009 to 198 in 2011.
The second is what DHS called “sector distribution”. In 2009, there were all of 4 sectors targeted for some kind of malicious attack: dams, energy, water and 2 attacks that crossed sectors. Last year, there were 10 sectors targeted, and 49 cross-sector incidents.
Read all the report here: