19 January 2022
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks
Targets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.
23 November 2021
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021
In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.
05 November 2020
Attacks on industrial enterprises using RMS and TeamViewer: new data
The attacks use remote administration utilities whose graphical user interface is hidden by the malware, enabling the attackers to control the infected system without the user’s knowledge.
17 June 2020
Steganography in attacks on industrial enterprises (updated)
Kaspersky ICS CERT has identified a series of attacks targeting, among others, organizations in various industrial sectors. Victims include suppliers of equipment and software for industrial enterprises.
27 March 2019
Threat landscape for industrial automation systems. H2 2018
Main events of the six-month period, vulnerabilities identified in 2018, relevant threats, and statistics from ICS computers protected by Kaspersky products.
06 September 2018
Threat landscape for industrial automation systems: H1 2018
In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial automation systems conducted during the first half of 2018.
01 August 2018
Attacks on industrial enterprises using RMS and TeamViewer
The malware used in these attacks installs legitimate remote administration software – TeamViewer or RMS – on the system. This enables the attackers to gain remote control of infected systems.
15 June 2017
Nigerian phishing: industrial companies under attack
In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors.
28 March 2017
Threat Landscape for Industrial Automation Systems in the second half of 2016
The Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) is starting a series of regular publications about our research devoted to the threat landscape for industrial organizations.