22 November 2022
ICS cyberthreats in 2023 – what to expect
Cybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. Below we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision.
08 September 2022
H1 2022 – a brief overview of the main incidents in industrial cybersecurity
Events in the cybersecurity world, including ICS, were intense in H1 2022.
08 August 2022
Targeted attack on industrial enterprises and public institutions
The attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.
27 June 2022
Attacks on industrial control systems using ShadowPad
A previously unknown Chinese-speaking threat actor attacking telecommunications, manufacturing, and transport organizations in several Asian countries. The group exploits MS Exchange vulnerability to deploy ShadowPad malware and infiltrates building automation systems of one of the victims.
28 February 2022
APT attacks on industrial companies in H2 2021
This summary provides an overview of APT attacks on industrial enterprises disclosed in H2 2021.
16 December 2021
PseudoManuscrypt: a mass-scale spyware attack campaign
Kaspersky products blocked PseudoManuscrypt on more than 35,000 computers in 195 countries of the world. Targets of attacks include a significant number of industrial and government organizations, including enterprises in the military-industrial complex and research laboratories.
23 November 2021
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021
In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.
26 October 2021
APT attacks on industrial organizations in H1 2021
This summary provides an overview of APT attacks on industrial enterprises disclosed in H1 2021.
29 March 2021
APT attacks on industrial companies in 2020
Overview of APT attacks on industrial enterprises information on which was published in 2020.
25 February 2021
Lazarus targets defense industry with ThreatNeedle
In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.