Report

Threat landscape for industrial automation systems. Q2 2025

The percentage of ICS computers on which denylisted internet resources were blocked increased in all regions. This growth is associated with the addition of direct links to malicious code hosted on popular public websites and file services.

Blog

Why APTs are so successful – stories from IR trenches

TTPs of Cyber Partisans activity aimed at espionage and disruption

Operation SalmonSlalom

Report

Faults in digital avionics systems threaten flight safety

Report an incident

Reports All

Threat landscape for industrial automation systems. Q2 2025

The percentage of ICS computers on which denylisted internet resources were blocked increased in all regions. This growth is associated with the addition of direct links to malicious code hosted on popular public websites and file services.

11 September 2025

Dynamics of external and internal threats to industrial control systems. Q2 2025

A segmentation of the attacked ICS computers into categories based on the malware blocked and the sources of its entry which helps to understand the ICS threat landscape better and identify the factors that affect it.

10 September 2025

APT and financial attacks on industrial organizations in Q2 2025

Spreading from a compromised organization to its peers with hijacked emails, using the ClickFix social engineering method – non-trivial tactics and techniques were reported this quarter.

04 September 2025

More reports

Advisories All

KLCERT-22-212: Telit Cinterion (Thales/Gemalto) modules. Exposure of Sensitive Information Through Environmental Variables

09 November 2023

KLCERT-22-193: Telit Cinterion (Thales/Gemalto) modules. Exposure of Sensitive Information to an Unauthorized Actor

09 November 2023

KLCERT-23-018: Telit Cinterion (Thales/Gemalto) modules. Buffer Copy without Checking Size of Input vulnerability

08 November 2023

More advisories

Blog All

“Security by design helps you stay one step ahead”
15 April 2025
Why APTs are so successful – stories from IR trenches
30 May 2023
Unusual penetration techniques – in the wild and in Red Team research
12 December 2022
More blog

Services All

Kaspersky ICS CERT provides unique services in the area of industrial automation system and internet-of-things cybersecurity

Stay Informed

Keep up to date on threats and risks relevant to your organization

Get Ready

Empower your workforce with cybersecurity knowledge

Respond

Expert handling of security incidents using our professional services

Transform

Rethink your approach to cybersecurity from the ground up

More services

Events All

Kaspersky ICS CERT experts participate in conferences and conduct training courses, seminars, workshops, and CTF contests
26March 2024

Industrial cybersecurity in 2024: trends and forecasts presented by Evgeny Goncharov, head of Kaspersky’s ICS CERT

22Dec 2021

TÜV Austria Academy will offer Kaspersky training courses

2Dec 2021

Kaspersky Industrial Cybersecurity Conference 2021

More events
Newsletter subscription