Threat landscape for industrial automation systems, Q1 2024


In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp.

Building automation has historically led the surveyed industries in terms of the percentage of ICS computers on which malicious objects were blocked.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Dragos Industrial Ransomware Analysis Q3 2024

    December 17, 2024

    The third quarter (July – September) of 2024 brought transformative shifts to the ransomware landscape, emphasizing its dynamic and continuously evolving nature. The ransomware threat ecosystem remained highly active in the third quarter, fueled by new groups, rebranding of existing entities, expansion of initial access broker operations, and proliferation of illicitly traded tools. Ransomware operators increasingly ...

  • FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications

    November 19, 2024

    In July 2024, the operational technology (OT)-centric malware FrostyGoop/BUSTLEBERM became publicly known, after attackers used it to disrupt critical infrastructure. The outage occurred after the Cyber Security Situation Center (CSSC), affiliated with the Security Service of Ukraine, disclosed details of an attack on a municipal energy company in Ukraine in early 2024. FrostyGoop is the ninth ...

  • Schneider Electric Data Breach Leaks Critical Data, Hellcat Ransomware Group Demands Hefty Ransom in Baguettes

    November 15, 2024

    French digital automation and energy management giant Schneider Electric is investigating a data breach after a hacker claimed they stole dozens of gigabytes and demanded a hefty ransom in Baguettes, a classic popular French bread item. Schneider Electric manufactures various energy management and automation products, from home electrical components to industrial control systems. The Rueil-Malmaison, France-based ...

  • Threat landscape for industrial automation systems, Q2 2024

    September 26, 2024

    In the second quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.9 pp from the previous quarter to 23.5%. The percentage has decreased by 3.3 pp compared to the second quarter of 2023, when the indicator reached its highest level since records began in 2022. Read more… Source: Kaspersky Sign up ...

  • CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

    July 26, 2024

    Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF). SSRF occurs when the server can be induced to perform arbitrary requests on behalf of an attacker. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web ...

  • Vulnerabilities in PanelView Plus devices could lead to remote code execution

    July 2, 2024

    Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device. The ...