Surge in ICS Attacks: Biometrics and Building Automation at Highest Risk in South Asia, ET CISO
'Our research shows that in the region, critical sectors such as biometrics, manufacturing, and energy remain prime targets for cybercriminals, underscoring the urgent need for proactive defense strategies, continuous monitoring, and robust industrial cybersecurity practices,' says Jaydeep Singh, General Manager for India at Kaspersky. 'Notably, nearly one in five ICS systems in India experienced malicious activity. As threat actors grow more persistent and sophisticated, organizations must enhance visibility across both IT and OT environments and invest in tailored security frameworks to safeguard critical operations.'
Advt
Advt
The Kaspersky report reveals that in South Asia, the biometrics sector faced the highest number of ICS (Industrial Control Systems) threats in Q1 2025, with malicious objects blocked on 28.1% of ICS computers, matching the global average. Biometrics, used for secure authentication and identification, continues to be a high-risk target for cybercriminals.Building Automation was the second-most affected sector, with 23.4% of ICS computers fending off threats. This industry, which manages energy efficiency, security, and comfort systems in smart buildings, remains vulnerable due to its reliance on interconnected technologies.The Electric Power sector ranked third, with over 22% of ICS computers exposed to threats. Given its role as part of South Asia's critical infrastructure, this sector's cybersecurity posture is vital to national stability.Interestingly, most industry sectors in the region recorded ICS threat levels below the global average—except manufacturing. In this sector, 18% of ICS computers were targeted, slightly above the global figure of 17.6%.Overall, South Asia saw a marginal rise in ICS attacks, with threats blocked on 21% of systems in Q1 2025, up from 20.7% in the previous quarter. However, not all industries followed this upward trend. The manufacturing sector saw a slight quarter-over-quarter drop, from 18.7% in Q4 2024 to 18% in Q1 2025. Engineering and ICS Integration also declined, falling from 19.9% to 19%.'The results of our research show that revising cybersecurity measures for legacy and time-tested technologies is essential more than ever. Organizations relying on ICS should now view cybersecurity not as a cost, but as an investment in business continuity, an insurance policy that not only protects assets and data, but also maintains the trust that has been worked hard to build with customers and partners,' adds Singh.To enhance ICS security in all digitally integrated sectors, Kaspersky recommends the following measures based on enterprise OT insights.
Conducting regular security assessments of OT systems to identify and eliminate possible cybersecurity issues.
Establishing continuous vulnerability assessment and triage as a foundation for an effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public.
Performing timely updates for the key components of the enterprise's OT network, applying security fixes and patches, or implementing compensating measures as soon as it is technically possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process.
Using EDR solutions such as Kaspersky Next EDR Expert for the timely detection of sophisticated threats, investigation, and effective remediation of incidents.
Improving the response to new and advanced malicious techniques by building and strengthening teams' skills in incident prevention, detection, and response. Dedicated OT security training for IT security staff and OT personnel is one of the key measures helping to achieve this.
By ,
ETCISO
Join the community of 2M+ industry professionals. Subscribe to Newsletter to get latest insights & analysis in your inbox.
All about ETCISO industry right on your smartphone! Download the ETCISO App and get the Realtime updates and Save your favourite articles.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Hans India
3 days ago
- Hans India
Cybersecurity Hackathon: MIT Bengaluru announces champions of innovation and problem-solving
Kaspersky, in collaboration with the Manipal Institute of Technology (MIT) Bengaluru, MAHE, has announced the winners of HackSky 2025, one of India's most competitive and student-driven cybersecurity hackathons. After an intense 48-hour finale, Team Technopaths—comprising Advithiya Duddu, Aditya Jemshetty, and Rushil Bakori—emerged victorious, outperforming over 600 participating teams from academic institutions across the country. The high-energy hackathon challenged students to design innovative solutions addressing real-world cybersecurity threats. Following multiple rounds of shortlisting, 60 teams qualified for the final stage, which converted the MIT Bengaluru campus into a hub of innovation and technical creativity. The contestants were given live problem statements crafted by Kaspersky experts, pushing them to develop secure, scalable solutions under intense time pressure. Reflecting on their first major win, Advithiya Duddu from Team Technopaths said, 'Winning our first hackathon was truly rewarding and a special moment for us. We learned so much, and we're excited about building and deploying our product because it has so many real-world applications. The problem statements were thought-provoking and pushed us to think creatively. Our message to other students is simple: never lose hope. Even after several unsuccessful attempts, we gave it one more try, and it paid off.' The valedictory ceremony brought together senior leaders from academia and industry, underlining the importance of collaboration in shaping India's future cybersecurity talent. Dignitaries included Saurabh Sharma (Lead Security Researcher, GReAT, Kaspersky), Vaibhav Pathak (Solution Architect – Asia Pacific, Kaspersky), Prof (Dr) Madhu Veeraraghavan (Pro Vice Chancellor, MAHE Bengaluru), Prof (Dr) Raghavendra Prabhu P (Deputy Registrar & Director-Administration, MAHE Bengaluru), Prof (Dr.) Iven Jose (Director, MIT Bengaluru), Prof. (Dr.) Dayananda P (Dean, SoCE, MIT Bengaluru), and Trishia Octaviano (Senior Manager, Cybersecurity Education, Asia-Pacific, Kaspersky). The winning team took home a prize package including ₹1,00,000 from MAHE, expert training courses worth up to USD 2,500 from Kaspersky, exclusive mentorship sessions with industry experts, and premium corporate merchandise. Speaking about the of the event, Trishia Octaviano, Senior Manager for Cybersecurity Education in the Asia-Pacific region at Kaspersky, said, 'From bold ideas to breakthrough solutions, HackSky 2025 showcased the brilliance and determination of India's young cybersecurity talent. It's inspiring to see such energy focused on securing our digital tomorrow, and Kaspersky is proud to be part of that journey.' Echoing the sentiment, Dr. Iven Jose, Director of MIT Bengaluru, said, 'HackSky 2025 reflects our commitment to nurturing future-ready talent. Collaborating with Kaspersky enabled us to give students hands-on experience in solving real-world cyber threats—a critical step in building a secure digital future.' HackSky 2025 not only highlighted innovative problem-solving by young technologists but also emphasized the growing importance of academia-industry collaboration in tackling cyber challenges. With India facing rapidly evolving digital threats, competitions like HackSky play a vital role in preparing the next generation of cybersecurity professionals.
The Hindu
27-07-2025
- The Hindu
Government rejects Congress' allegations about a ₹2.1 lakh crore organic cotton scam in Madhya Pradesh
The Government on Sunday (July 27, 2025) termed the allegations by the Indian National Congress that normal cotton was being sold as organic cotton in Madhya Pradesh as being 'unfounded, unsubstantiated and misleading', saying that the Agriculture & Processed Food Products Export Development Authority (APEDA) takes concrete steps whenever wilful violations of organic cotton standards are found. Former Madhya Pradesh Chief Minister and senior Congress leader Digvijaya Singh on Saturday (July 26, 2025) called for a court-monitored Central Bureau of Investigation (CBI) probe into an alleged ₹2.1 lakh crore scam in the sale of normal cotton as organic cotton in Madhya Pradesh. 'It may be mentioned that in a press briefing by an opposition leader yesterday, unfounded, unsubstantiated and misleading aspersions are being cast against the Organic Certification programme, the National Programme of Organic Production (NPOP),' the Ministry of Commerce and Industry said in its statement. 'Generalised allegations against a robust regulatory system of the country for a particular crop/region/group of operators only serve to undermine the credibility of legitimate regulatory institutions and the broader organic movement in India,' it added. Mr. Singh said that the objective of NPOP, launched in 2001 by the Ministry of Commerce and Industry and implemented by APEDA, was to certify and regulate the export of organic products. Under this framework, he explained, the NPOP accredits certification bodies, which in turn verify internal control systems. However, he alleged that most farmers who are shown as registered under the internal control systems (ICS) do not grow organic cotton. He added that the government provides these farmer groups with ₹50,000 per hectare for three years to promote organic cotton. 'In short, ICS groups have deliberately committed fraud by adding farmers' names to obtain transaction certificates,' Mr. Singh alleged. The government, however, has categorically refuted this. 'It is clarified that APEDA or the Department of Commerce does not extend any subsidy to farmers taking up organic cultivation under the NPOP,' the statement said. 'The figure of ₹50,000 per hectare and the further wrongly imputed calculations have no basis.' While the government did admit that, despite its checks and balances, 'there have been reported incidences of malpractices and misuse of grower group certification', APEDA has taken strict and concrete action against violators. 'Stringent action has been taken against the cases of wilful violation and severe non-conformities of Certification Bodies with the NPOP standards,' the statement said. 'The NPOP regulations have been revised, bringing in stricter norms in terms of legal entity of grower groups, close monitoring through ICS offices in the vicinity of the grower group, and inspection of grower groups through a mobile app is going to be started shortly.' Further, it said that new procedures have been devised for additional checks for certification of organic cotton production, including a manifold increase in the number of unannounced inspections. 'Wherever credible evidence of non-compliances/wilful violation of organic standards has been brought to light, APEDA has undertaken extensive investigation and taken concrete measures,' the government clarified. 'All such matters are subjected to structured investigation following principles of natural justice. Any Certification Body or operator found violating norms is penalised as per NPOP regulation.'
The Hindu
26-07-2025
- The Hindu
Congress targets government over ‘organic cotton scam', demands probe
Alleging a 'scam' of over ₹2.1 lakh crore in the name of organic cotton in India, the Congress on Saturday (July 26, 2025) demanded the formation of a Special Investigation Team (SIT) led by the Central Bureau of Investigation (CBI) under the supervision of a High Court judge. The party said that the scam has severely harmed the global credibility of India's organic products and caused significant damage to farmers. Speaking at a press conference at the All India Congress Committee headquarters, senior Congress leader and former Chief Minister of Madhya Pradesh, Digvijaya Singh, alleged that certain traders are falsely labeling non-organic cotton as 'organic' and earning six-fold profits, while genuine farmers struggle to get even the minimum support price. He added that the scam involved massive tax and GST evasion. The Congress leader said the government has been aware of irregularities in the certification process and the scam since 2017 but has not taken any strict action. Mr. Singh explained that in 2001, the Ministry of Commerce and Industry launched the National Programme for Organic Production (NPOP), which is implemented by the Agricultural and Processed Food Products Export Development Authority (APEDA). The goal is to certify and regulate organic exports. Under this programme, NPOP accredits certification bodies that verify Internal Control Systems (ICS). After ICS verification, a transaction certificate is issued, declaring the group as organic. These ICSs are clusters of 25 to 500 farmers growing organic cotton and presently there are about 6,046 ICS groups and 35 certification agencies. He added that these farmer groups receive ₹5,000 per hectare for three years to promote organic farming. Certification is crucial in this process, as it significantly increases the international market value of the produce. 'Most farmers shown as registered in these ICS groups neither grow organic cotton nor are aware of their inclusion in the system. These ICS groups have deliberately committed fraud by including farmers' names to obtain transaction certificates,' he said. 'Fake groups were also formed in Madhya Pradesh, and farmers were unaware they had been made members,' he added. He further said some powerful traders are making six times the profit by selling non-organic cotton as organic. Citing instances where the U.S. Department of Agriculture, the European Union, and the Global Organic Textile Standard revoked the accreditation of Indian certifiers, Mr. Singh said India is now seen as a hub of fraud in the organic product market. He said that he had written to the Prime Minister in August 2024, flagging the organic cotton fraud in Madhya Pradesh. 'I got a reply from Commerce Minister Piyush Goyal acknowledging the irregularities, (but) no appropriate action was taken,' Mr. Singh said. He demanded criminal proceedings against all 192 fraudulent ICS groups, an investigation into these groups, and fair compensation for the exploited farmers.
