15 May 2025
Threat landscape for industrial automation systems. Q1 2025The percentage of ICS computers on which various types of malware spread via the internet and email were blocked increased for the first time in two years.
Filter
08 April 2025
A brief overview of the main incidents in industrial cybersecurity. Q4 2024More than 100 companies publicly reported cyberattacks. Two of them announced their insolvency after the incident. In two other cases, two ransomware gangs simultaneously claimed responsibility for the same hack.
25 March 2025
APT and financial attacks on industrial organizations in Q4 2024Abusing of Telegram to spy and put pressure on their victims’ employees, notifying the victims by printing messages on printers connected to a compromised network – we publish interesting details of attacks on industrial enterprises disclosed at this quarter.
17 March 2025
Threat landscape for industrial automation systems. Regions, Q4 2024The percentage of ICS computers on which malicious objects were blocked increased in eight regions. Regionally, the percentage ranged from 10.6% in Northern Europe to 31.0% in Africa.
17 March 2025
Threat landscape for industrial automation systems. Q4 2024The percentage of ICS computers on which malicious scripts and phishing pages as well as ransomware were blocked continued to increase.
24 February 2025
Operation SalmonSlalomKaspersky discovered a new attack targeting industrial organizations in APAC
19 February 2025
Q3 2024 – a brief overview of the main incidents in industrial cybersecurityMany large companies, including some well-known brands, affected by cyberattacks. An unusually high number of victims were in critical sectors such as utilities and power and energy.
29 January 2025
Threat predictions for industrial enterprises 2025Kaspersky ICS CERT analyzes industrial threat trends and makes forecasts on how the industrial threat landscape will look in 2025.
26 December 2024
APT and financial attacks on industrial organizations in Q3 2024During the quarter, a number of research papers and technical advisories were published detailing attacks that either targeted or affected organizations in the industrial sector. From our perspective, the following are likely to be the most interesting for researchers and useful for cybersecurity practitioners
25 December 2024
Threat landscape for industrial automation systems. Regions, Q3 2024The percentage of ICS computers on which malicious objects were blocked decreased from the second quarter to 22%. But the figure increased in Africa, South Asia, South-East Asia, the Middle East, Latin America, and East Asia. Regionally, the percentage ranged from 9.7% in Northern Europe to 31.5% in Africa.
Filter
17 April 2020
New ransomware attacks on industrial enterprisesIn new ransomware attacks, victims face the choice between paying the ransom and seeing their sensitive data published by the attackers
13 April 2020
Multiple vulnerabilities in Advantech WebAccess/NMSIf exploited, the vulnerabilities could lead to arbitrary code execution, file manipulations, denial of service and the creation of an admin account
03 April 2020
Threat actor behind Ruyk malware continues attacks on medical facilities despite epidemicIn the past month, 10 more hospitals have fallen victim to Ryuk attacks in the US
17 January 2020
Ransomware attack on Picanol paralyzes production at plants in Belgium, Romania, and ChinaThe company has been forced to stop its operations almost completely. Production recovery will take at least a week
10 January 2020
Dustman wiper attack on Bapco oil companyDustman is an upgraded version of the ZeroCleare wiper. The attack exploited a vulnerability in VPN appliances
30 December 2019
Ryuk ransomware attacks unnamed US maritime transportation facilityThe infection affected the facility’s corporate network and industrial control systems that control cargo transfer. The primary operations of the facility were shut down for over 30 hours
24 December 2019
German cities under attack by Emotet botnetEmotet was distributed via phishing emails and was used to deploy ransomware
20 December 2019
Multiple vulnerabilities in WAGO PLCsNine vulnerabilities have been identified in WAGO PFC200 and PFC100 PLCs. They could lead to arbitrary code execution or cause denial of service
20 December 2019
More ransomware attacksVictims of the latest attacks include Pensacola and New Orleans city administrations in the US and a hospital in Benešov (Czech Republic)
19 December 2019
Multiple vulnerabilities in Modicon controllersIf exploited, the vulnerabilities could result in denial of service. They can be fixed by updating device firmware
Filter