Industrial Malware on the Rise: Kaspersky Report
According to a recent report by security researchers at Kaspersky, two out of every five (40.6%) operational technology (OT) computers used in industrial settings were affected by malware in 2022. This represents a 6% increase compared to the previous half of the year and nearly 1.5 times more than in the second half of 2021.
Kirill Kruglov, senior researcher at Kaspersky ICS CERT, noted that 2022 has seen an abnormal absence of seasonal changes in attack rates on industrial sectors. There has been a steady high rate of attacks throughout the year, without the typical drop during summer vacations or winter holidays.
The report highlights a concerning trend of growing attacks in industrial sectors using social engineering tactics. The top two malware categories observed by Kaspersky were malicious scripts and phishing pages, which saw an increase in the second half of 2022. These tools were used by threat actors to collect information, track activity, and redirect browser requests to malicious web resources.
Malicious scripts were also found to enable the download of various malicious programs and load malware such as spyware or tools for covert cryptocurrency mining in users’ browsers.
Geographically, Northern Europe was the only region that showed growth in malware spread via email clients. Africa, the Middle East, Asia, and Latin America were the top regions for OT computers compromised using removable devices.
Specific industries targeted by these attacks included the automotive manufacturing and energy sectors, which saw substantial growth in attacks, accounting for 36.9% and 34.5% of all industries affected, respectively.
Kruglov emphasized the importance for organizations in these sectors to review their security approach, ensure all security systems are up-to-date, and provide proper training for personnel.
This data from Kaspersky follows a report by SecurityScorecard, which indicated that 48% of critical manufacturing organizations in the US are vulnerable to a data breach.