05 June 2025
TTPs of Cyber Partisans activity aimed at espionage and disruptionKaspersky ICS CERT experts managed to find and analyze the malware and utilities most probably used by the actors. The key finding was a previously unknown backdoor.
Publications
Filter
19 March 2024
Threat landscape for industrial automation systems. Statistics for H2 2023The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
06 March 2023
Threat landscape for industrial automation systems. Statistics for H2 2022The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
22 November 2022
ICS cyberthreats in 2023 – what to expectCybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. Below we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision.
23 November 2021
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.
13 October 2020
What it feels like for a turbineThe goal of the article is to raise awareness on security of Distributed Control Systems (DCS), propose a methodology for assessment, and a remediation strategy. Defenders are always behind attackers, and this publication is trying to balance things out.
15 September 2020
The State of Industrial Cybersecurity 2020In 2020 ARC Advisory Group on behalf of Kaspersky conducted a survey on the state of industrial cybersecurity, as well as the current priorities and challenges of industrial organizations. More than 330 industrial companies and organizations across the globe were surveyed online and 10 industry representatives were interviewed at trade fairs and ARC forums worldwide.
24 April 2020
Threat landscape for industrial automation systems. Overall global statistics – H2 2019The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
24 April 2020
Threat landscape for industrial automation systems. Ransomware and other malware: key events of H2 2019This section presents an overview of threats related to ransomware activity against municipal institutions, industrial enterprises and critical infrastructure facilities.
24 April 2020
Threat landscape for industrial automation systems. APT attacks on industrial companies in 2019Overview of APT attacks on industrial enterprises information on which was published in 2019.
Filter
15 April 2025
“Security by design helps you stay one step ahead”Kaspersky expert discusses the challenges of assessing the security of industrial facilities and the role of the professional community in their protection, the reasons behind security issues in rapidly evolving industries, and the impact of digitalization on society.
30 May 2023
Why APTs are so successful – stories from IR trenchesDuring IR, while trying to figure out what went wrong, we’ve found numerous issues
24 May 2022
Draft of the NIST Guide #800-82 – what has changedThe release of the third version of the Guide to Operational Technology (OT) Security, SP 800-82 Rev. 3, is, without a doubt, a milestone. Is the third version as good as the previous ones? What has changed?
16 November 2018
Vulnerabilities in Siemens industrial productsThe most dangerous of the vulnerabilities affect the SIMATIC S7-400 CPU family and the SIMATIC IT Production Suite software package. The vulnerabilities have been fixed for most of the affected products
07 November 2018
Critical vulnerabilities in AVEVA industrial softwareThe vulnerabilities affect InduSoft Web Studio and InTouch Edge HMI and could allow remote execution of arbitrary code
22 October 2018
Phishing attack targeting Italian naval and defense industryThe attackers attempted to infect computers with MartyMcFly remote access Trojan using phishing emails with malicious attachments
19 October 2018
New GreyEnergy malware attacks industrial networksExperts point to the similarities between the new malware and BlackEnergy, and a possible connection of the attacks with the TeleBots criminal group
13 September 2017
IBM Security Report on Cyber Security Risks in the Energy and Utilities SectorIBM X-Force has published a report on cyber security risks in the energy and utilities sector.
Filter