29 January 2025
Threat predictions for industrial enterprises 2025
Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025.
26 December 2024
APT and financial attacks on industrial organizations in Q3 2024
During the quarter, a number of research papers and technical advisories were published detailing attacks that either targeted or affected organizations in the industrial sector. From our perspective, the following are likely to be the most interesting for researchers and useful for cybersecurity practitioners.
25 December 2024
Threat landscape for industrial automation systems. Regions, Q3 2024
The percentage of ICS computers on which malicious objects were blocked decreased from the second quarter to 22%. But the figure increased in Africa, South Asia, South-East Asia, the Middle East, Latin America, and East Asia. Regionally, the percentage ranged from 9.7% in Northern Europe to 31.5% in Africa.
25 December 2024
Threat landscape for industrial automation systems. Q3 2024
The percentage of ICS computers on which malicious objects were blocked decreased by 1.5 pp from the second quarter to 22%. The biometrics sector led the surveyed industries in terms of this parameter.
21 November 2024
Threat landscape for industrial automation systems. Regions, Q2 2024
The global percentage of ICS computers on which malicious objects were blocked decreased from Q1 2024 to 23.5%. But the figure increased in four regions. Regionally, the percentage ranged from 11.3% in Northern Europe to 30% in Africa.
08 November 2024
Q2 2024 – a brief overview of the main incidents in industrial cybersecurity
A total of 35 incidents were confirmed by victims. Half of the attacks reportedly resulted in the denial of IT systems and the denial of operations. There is a case of a company that was unable to recover from the impact of a cyberattack and decided to cease operations.
03 October 2024
APT and financial attacks on industrial organizations in Q2 2024
This summary provides an overview of the reports of APT and financial attacks on industrial enterprises that were disclosed in Q2 2024, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
26 September 2024
Threat landscape for industrial automation systems. Q2 2024
In the second quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.9 pp from the previous quarter to 23.5%. Compared to the second quarter of 2023, the percentage decreased by 3.3 pp.
13 June 2024
Cinterion EHS5 3G UMTS/HSPA Module Research
In the course of the modem security analysis, we found seven locally exploited vulnerabilities and one remotely exploited vulnerability. The combination of these vulnerabilities could allow an attacker to gain complete control over the modem.
10 June 2024
APT and financial attacks on industrial organizations in Q1 2024
This summary provides an overview of the reports of APT and financial attacks on industrial enterprises, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.
09 February 2021
Classics: vulnerabilities in web console and third-party components in Pepperl+Fuchs IO-Link-Master gateways
The vendor has published an advisory on vulnerabilities in multifunctional gateway devices designed to integrate different types of sensors and PLCs into industrial environments.
05 February 2021
Getting back on Treck: more vulnerabilities in the infamous TCP/IP Stack
Vulnerabilities have been identified in the IPv6 component in the Treck TCP/IP stack implementation. It is recommended that vendors of IoT devices using that implementation issue security advisories.
02 February 2021
Much ado about the certificate: what one should know about Siemens SCALANCE X switch configuration to avoid MitM
Siemens has released a security alert which describes some cases of SCALANCE X-200/X-200IRT/X-300 switches using hardcoded encryption keys, making them prone to man-in-the-middle attacks.
28 January 2021
Cryptographic deadly sins and the security of Modicon M100/M200/M221
Weak implementation of cryptographic data protection allows various types of attacks and enables attackers to identify the key in captured traffic.
27 January 2021
From buffer overflow to switchboard setup errors: vulnerabilities in building operation software by Schneider Electric
Vulnerabilities in Schneider Electric’s low-voltage distribution system configuration software could enable attackers to upload arbitrary files defining electrical system parameters.
26 January 2021
Twentieth for Ripple20: Vulnerability in embedded web server of I/O expansion modules for IoT
Schneider Electric has published an advisory on a critical vulnerability in the web server used in TM3 I/O expansion modules.
26 January 2021
Critical vulnerability in Schneider Electric HMI configuration software
The vulnerability could cause a Windows local user privilege escalation when using EcoStruxure™ Operator Terminal Expert and Pro-face BLUE software and WinGP runtime environment by Schneider Electric.
26 January 2021
A classic that needs updating: fresh vulnerabilities in the software of Siemens SCALANCE X switches
DoS vulnerabilities have been disclosed in the integrated web server of Siemens SCALANCE X-200 / X-200IRT / X-300 switches. Measures proposed by the vendor do not prevent all possible attacks.
23 November 2020
First things first: Kaspersky ICS CERT becomes new member of the global Forum of Incident Response and Security Teams (FIRST)
After rigorous assessment, Kaspersky’s Industrial Systems Emergency Response Team (ICS CERT) has officially joined FIRST – the global Forum of Incident Response and Security Teams.
23 November 2020
ENISA publishes guidelines for securing internet of things supply chain
The European Union Agency for Cybersecurity (ENISA) has published its guidelines for securing the internet of things supply chain. Kaspersky ICS CERT experts were among the contributors to the development effort.
Kaspersky Lab presented its latest findings on CoDeSys Runtime vulnerabilities at the S4x19 conference, in what was a successful debut among competing industrial cybersecurity vendors
Another two-day course “Advanced Industrial Cybersecurity in Practice” was held in Germany. The course included theoretical sections followed by live demonstrations and exercises. An international group of participants left positive feedback
The online qualifications round for Kaspersky Industrial CTF 2018 took place on November 23-24. Over 1,000 teams registered with 130 eventually scoring points. The top 4 teams will participate in the finals
Kaspersky Lab ICS CERT is conducting a practical course in IoT vulnerability research. This class provides a deep dive into hardware analysis, firmware extraction and analysis, vulnerability research and exploitation.
In October 2018, Vyacheslav Kopeytsev, Security Researcher, Critical Infrastructure Threat Analysis, spoke at MALCON 2018, the 13th IEEE International Conference on Malicious and Unwanted Software, held this year in Massachusetts, USA.
Kaspersky Lab is launching the fourth international industrial Capture the Flag (CTF) security competition and inviting ethical hackers (whitehats) from across the world to test the security of smart devices and industrial systems
The sixth conference on industrial cybersecurity organized by Kaspersky Lab was held on September 19-21 in Sochi, Russia. This year’s theme was ‘Industrial cybersecurity: opportunities and challenges in digital transformation’.
On October 16, Kaspersky Lab and Fraunhofer IOSB are hosting a joint webinar to highlight the importance of ICS cybersecurity education and present a new ICS cybersecurity training course
On September 26 – 27, 2018 Kaspersky Lab ICS CERT and Fraunhofer IOSB conducted their first “Advanced Industrial Cybersecurity in Practice” joint training course
Kaspersky Lab ICS CERT and Fraunhofer IOSB are working together to address industrial cybersecurity and awareness challenges.