According to researchers, two out of every five (40.6%) operational technology (OT) computers used in industrial settings were affected by malware in 2022. The data comes from a report published recently by security researchers at Kaspersky. The figures represent a 6% increase compared with the previous half of the year and almost 1.5 times more than in the second half of 2021.
“Overall, 2022 stands out for its abnormal absence of seasonal changes. Our team observed a steadily high rate of attacks on industrial sectors without a typical drop-in attack during summer vacations or winter holidays,” explained a senior researcher at Kaspersky ICS CERT, commenting on the report’s findings. “However, the growing attack rates in industrial sectors that are being conducted using social engineering seem alarming.”
See: https://redskyalliance.org/xindustry/ekans-ransomware-targets-industrial-control-systems-more
The latest Kaspersky report suggests the top two malware categories seen by the team (malicious scripts and phishing pages) showed growth in the second half of 2022. Threat actors reportedly used these tools to collect information, track activity, and redirect browser requests to malicious web resources. Researchers also observed malicious scripts being used to enable the download of various malicious programs and for loading malware, such as spyware or tools for covert cryptocurrency mining in users’ browsers.
From a geographical standpoint, Northern Europe was the only region that showed a growth in malware spread via email clients. Africa, the Middle East, Asia, and Latin America topped regional rankings for most OT computers compromised using removable devices.
According to the report, attacks targeting the automotive manufacturing and energy sectors grew substantially, accounting for 36.9% and 34.5% of all industries. Researchers recommend that customers in these sectors revise their existing approach to security and check whether all security systems are up-to-date and their personnel receives cyber threat training.
See: https://redskyalliance.org/xindustry/flaws-in-industrial-control-systems
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
Comments