Home / Reports


Attacks on industrial enterprises using RMS and TeamViewer

01 August 2018

Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production.
The State of Industrial Cybersecurity 2018: findings of joint survey by Kaspersky Lab and PAC

28 June 2018

Kaspersky Lab has published the results of The State of Industrial Cybersecurity study carried out in collaboration with PAC, a CXP Group Company, and based on a survey of 320 professionals representing companies from such sectors as manufacturing and industrial production, energy, mining, transport, and logistics.
OPC UA security analysis

10 May 2018

This paper discusses our project that involved searching for vulnerabilities in implementations of the OPC UA protocol. In publishing this material, we hope to draw the attention of vendors that develop software for industrial automation systems and the industrial internet of things to problems associated with using such widely available technologies, which turned out to be quite common.
Energetic Bear / Crouching Yeti: attacks on servers

23 April 2018

This report by Kaspersky Lab ICS CERT presents information on identified servers that have been infected and used by the group. The report also includes the findings of an analysis of several webservers compromised by the Energetic Bear group during 2016 and in early 2017.
Threat Landscape for Industrial Automation Systems in H2 2017

26 March 2018

In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2017.
Somebody’s watching! When cameras are more than just ‘smart’

12 March 2018

The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses.
IoT hack: how to break a smart home… again

28 February 2018

There can never be too many IoT gadgets – that’s what people usually think when buying yet another connected device with advanced functionality. From our perspective, we also think there can’t be too many IoT investigations.
Gas is too expensive? Let’s make it cheap!

07 February 2018

A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical security threat.
A silver bullet for the attacker. A study into the security of hardware license tokens

22 January 2018

Why we decided to analyze SafeNet Sentinel Vulnerabilities and attack vectors Peculiar functionality Non-transparent security Update software to the current version (7.6) ASAP   In the past years, the problem of vulnerabilities in industrial automation systems has been becoming increasingly important. The fact that industrial control systems have been developing in parallel with IT systems,...
MLAD: Machine Learning for Anomaly Detection

16 January 2018

Modern industrial control systems (ICS) are cyber-physical systems that include IT infrastructure and operational technologies or OT infrastructure. Attacks on OT pose the greatest danger and are very difficult to detect. The MLAD (Machine Learning for Anomaly Detection) technology is designed to protect OT.