Publications

Filter

26 June 2025

A brief overview of the main incidents in industrial cybersecurity. Q1 2025

The attack on Kuala Lumpur airport, which knocked out many of its information systems for 10 hours, plus over 100 more incidents.

10 June 2025

Threat landscape for industrial automation systems. Regions, Q1 2025

The internet ranks first among threat sources in all regions. The problem is particularly relevant to Africa, South-East Asia, South Asia and Russia.

17 March 2025

Threat landscape for industrial automation systems. Regions, Q4 2024

The percentage of ICS computers on which malicious objects were blocked increased in eight regions. Regionally, the percentage ranged from 10.6% in Northern Europe to 31.0% in Africa.

17 March 2025

Threat landscape for industrial automation systems. Q4 2024

The percentage of ICS computers on which malicious scripts and phishing pages as well as ransomware were blocked continued to increase.

19 February 2025

Q3 2024 – a brief overview of the main incidents in industrial cybersecurity

Many large companies, including some well-known brands, affected by cyberattacks. An unusually high number of victims were in critical sectors such as utilities and power and energy.

25 December 2024

Threat landscape for industrial automation systems. Regions, Q3 2024

The percentage of ICS computers on which malicious objects were blocked decreased from the second quarter to 22%. But the figure increased in Africa, South Asia, South-East Asia, the Middle East, Latin America, and East Asia. Regionally, the percentage ranged from 9.7% in Northern Europe to 31.5% in Africa.

25 December 2024

Threat landscape for industrial automation systems. Q3 2024

The percentage of ICS computers on which malicious objects were blocked decreased by 1.5 pp from the second quarter to 22%. The biometrics sector led the surveyed industries in terms of this parameter.

08 November 2024

Q2 2024 – a brief overview of the main incidents in industrial cybersecurity

A total of 35 incidents were confirmed by victims. Half of the attacks reportedly resulted in the denial of IT systems and the denial of operations. There is a case of a company that was unable to recover from the impact of a cyberattack and decided to cease operations.

11 April 2024

H2 2023 – a brief overview of main incidents in industrial cybersecurity

In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.

19 January 2022

Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks

Targets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.

Filter