Publications

03 October 2024

This summary provides an overview of the reports of APT and financial attacks on industrial enterprises that were disclosed in Q2 2024, as well as the related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities.

• buildings automation,
• manufacturing,
• miners,
• phishing,
• ransomware,
• spyware,
• statistics

26 September 2024

In the second quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.9 pp from the previous quarter to 23.5%. Compared to the second quarter of 2023, the percentage decreased by 3.3 pp.

• buildings automation,
• malware,
• manufacturing,
• miners,
• phishing,
• ransomware,
• spyware,
• statistics

27 May 2024

In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 21.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp.

• buildings automation,
• energy sector,
• ICS engineering,
• ICS integration,
• malware,
• manufacturing,
• miners,
• oil & gas,
• phishing,
• ransomware,
• spyware,
• statistics

27 May 2024

The percentage of ICS computers on which malicious objects were blocked during the quarter varied regionally from 34.2% in Africa to 11.5% in Northern Europe. Africa and South-East Asia saw their percentages increase from the previous quarter.

• buildings automation,
• energy sector,
• ICS engineering,
• ICS integration,
• malware,
• manufacturing,
• miners,
• oil & gas,
• phishing,
• ransomware,
• spyware,
• statistics

18 October 2023

Kaspersky experts discovered several detections of malware from the MATA cluster, previously attributed to the Lazarus group, compromising defense contractor companies in Eastern Europe.

• APT,
• Lazarus,
• malware,
• MATA,
• military-defense,
• phishing

05 October 2023

In this overview, we discuss cybercriminal and hacktivist attacks on industrial organizations.

• 0-day,
• automotive,
• data leakage,
• data loss,
• electronics industry,
• energy sector,
• food & beverage,
• hacktivists,
• ICS engineering,
• industrial automation,
• irrigation,
• logistics,
• manufacturing,
• metallurgy,
• military-defense,
• mining,
• MOVEit MFT,
• oil & gas,
• pharmaceutical,
• phishing,
• ransomware,
• robotics,
• transportation,
• utilities,
• waste recycling

22 November 2022

Cybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. Below we share some of our thoughts on potential developments of 2023, though we cannot claim to be providing either a complete picture or a high degree of precision.

• APT,
• ICS security,
• industrial cybersecurity,
• phishing,
• vulnerabilities

08 August 2022

The attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions. The goal of this series of attacks was cyberespionage.

• APT,
• cyberespionage,
• government,
• manufacturing,
• phishing,
• TA428

19 January 2022

Targets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing emails and collect stolen data.

• automotive,
• business email compromise,
• construction,
• energy sector,
• food & beverage,
• healthcare,
• ICS engineering,
• ICS integration,
• logistics,
• manufacturing,
• oil & gas,
• pharmaceutical,
• phishing,
• SMTP,
• spyware,
• transportation,
• utilities,
• waste recycling

23 November 2021

In recent years, we have observed various trends in the changing threat landscape for industrial enterprises, most of which have been evolving for some time. We can say with high confidence that many of these trends will not only continue, but gain new traction in the coming year.

• APT,
• ICS security,
• industrial cybersecurity,
• phishing,
• ransomware,
• vulnerabilities