Latest news with #KasperskyICSCERT
Time of India
09-07-2025
- Business
- Time of India
Surge in ICS Attacks: Biometrics and Building Automation at Highest Risk in South Asia, ET CISO
In South Asia, the highest number of attacks on ICS (Industrial Control Systems) in Q1 2025 targeted critical sectors such as Biometrics, Building Automation, and Electric Power. The three other heavily targeted sectors were Engineering & ICS Integration, Manufacturing, and Construction. These insights come from a new report by Kaspersky ICS CERT (Industrial Control Systems Cyber Emergency Response Team). 'Our research shows that in the region, critical sectors such as biometrics, manufacturing, and energy remain prime targets for cybercriminals, underscoring the urgent need for proactive defense strategies, continuous monitoring, and robust industrial cybersecurity practices,' says Jaydeep Singh, General Manager for India at Kaspersky. 'Notably, nearly one in five ICS systems in India experienced malicious activity. As threat actors grow more persistent and sophisticated, organizations must enhance visibility across both IT and OT environments and invest in tailored security frameworks to safeguard critical operations.' Advt Advt The Kaspersky report reveals that in South Asia, the biometrics sector faced the highest number of ICS (Industrial Control Systems) threats in Q1 2025, with malicious objects blocked on 28.1% of ICS computers, matching the global average. Biometrics, used for secure authentication and identification, continues to be a high-risk target for Automation was the second-most affected sector, with 23.4% of ICS computers fending off threats. This industry, which manages energy efficiency, security, and comfort systems in smart buildings, remains vulnerable due to its reliance on interconnected Electric Power sector ranked third, with over 22% of ICS computers exposed to threats. Given its role as part of South Asia's critical infrastructure, this sector's cybersecurity posture is vital to national most industry sectors in the region recorded ICS threat levels below the global average—except manufacturing. In this sector, 18% of ICS computers were targeted, slightly above the global figure of 17.6%.Overall, South Asia saw a marginal rise in ICS attacks, with threats blocked on 21% of systems in Q1 2025, up from 20.7% in the previous quarter. However, not all industries followed this upward trend. The manufacturing sector saw a slight quarter-over-quarter drop, from 18.7% in Q4 2024 to 18% in Q1 2025. Engineering and ICS Integration also declined, falling from 19.9% to 19%.'The results of our research show that revising cybersecurity measures for legacy and time-tested technologies is essential more than ever. Organizations relying on ICS should now view cybersecurity not as a cost, but as an investment in business continuity, an insurance policy that not only protects assets and data, but also maintains the trust that has been worked hard to build with customers and partners,' adds enhance ICS security in all digitally integrated sectors, Kaspersky recommends the following measures based on enterprise OT insights. Conducting regular security assessments of OT systems to identify and eliminate possible cybersecurity issues. Establishing continuous vulnerability assessment and triage as a foundation for an effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public. Performing timely updates for the key components of the enterprise's OT network, applying security fixes and patches, or implementing compensating measures as soon as it is technically possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process. Using EDR solutions such as Kaspersky Next EDR Expert for the timely detection of sophisticated threats, investigation, and effective remediation of incidents. Improving the response to new and advanced malicious techniques by building and strengthening teams' skills in incident prevention, detection, and response. Dedicated OT security training for IT security staff and OT personnel is one of the key measures helping to achieve this. By , ETCISO Join the community of 2M+ industry professionals. Subscribe to Newsletter to get latest insights & analysis in your inbox. All about ETCISO industry right on your smartphone! Download the ETCISO App and get the Realtime updates and Save your favourite articles.
Biz Bahrain
16-05-2025
- Business
- Biz Bahrain
Biometrics and building automation systems were the most attacked operational technology sectors at the beginning of 2025
In Q1 2025, malicious objects were blocked on 21.9% of ICS computers globally, according to a new report by Kaspersky ICS CERT (Industrial Control Systems Cyber Emergency Response Team). Regionally this share varied: from 10.7% in Northern Europe to 29.6% in Africa. From Q4 2024 to Q1 2025, the share of ICS computers on which malicious objects were blocked increased in Russia (by 0.9 p.p.), Central Asia (by 0.7 p.p.), South Asia (by 0.3 p.p.), Western Europe (by 0.2 p.p.), Northern Europe (by 0.1 p.p.) and Southern Europe (by 0.1 p.p.). The share of ICS computers with blocked malicious objects, per region Threats by industries The biometrics sector was targeted more than any other industry vertical (malicious objects were blocked on 28.1% of ICS computers), followed by building automation (25%), electric power facilities (22,8%), construction facilities (22.4%), engineering equipment (21.7%), oil & gas facilities (17.8%), and manufacturing (17.6%). Main threat sources The OT cyberthreat landscape at the beginning of 2025 remained diverse, with threats spreading via the internet continuing as the main source of cyber risks to OT computers (these threats were blocked on 10.11% of ICS computers), followed by email clients (2.81%) and removable media at (0.52%). 'As the internet remains the primary source of threats to ICS computers, in the first quarter of 2025, the share of ICS computers attacked with malware spread via the internet increased for the first time since the beginning of 2023. The main categories of threats from the internet are denylisted internet resources, malicious scripts and phishing pages. Malicious scripts and phishing pages is the leading category of malware used for initial infection of ICS computers – they act as droppers of next-stage malware, such as spyware, crypto miners and ransomware. The rise in internet-based attacks on ICS highlights the critical need for advanced threat detection to counter sophisticated malware campaigns,' commented Evgeny Goncharov, Head of Kaspersky ICS CERT. To keep OT computers protected from various threats, Kaspersky experts recommend: • Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues. • Establishing continuous vulnerability assessment and triage as a foundation for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public. • Performing timely updates for the key components of the enterprise's OT network; applying security fixes and patches or implementing compensating measures as soon as it is technically possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process. • Using EDR solutions such as Kaspersky Next EDR Expert for timely detection of sophisticated threats, investigation, and effective remediation of incidents. • Improving the response to new and advanced malicious techniques by building and strengthening teams' skills in incident prevention, detection, and response. Dedicated OT security trainings for IT security staff and OT personnel is one of the key measures helping to achieve this. The full report on ICS threats for Q1 2025 is available by the link.
