By Eduard Kovacs on September 21, 2018
Remote administration tools (RATs) installed for legitimate purposes in operational technology (OT) networks can pose a serious security risk, allowing malicious actors to abuse them in attacks aimed at industrial organizations, Kaspersky Lab warns.
A report published on Friday by the security firm reveals that, on average, in the first half of 2018, legitimate RATs were found on more than two-thirds of computers used for industrial control systems (ICS).
The highest percentage of ICS computers with RATs were found in Kazakhstan, where over half of all analyzed systems had a remote admin tool installed. In the United States, 29% of the devices monitored by Kaspersky had a legitimate RAT. It’s worth noting that this does not include the remote desktop tool found by default in Windows.
full article here:
https://www.securityweek.com/legitimate-rats-pose-serious-risk-industrial-systems