Kaspersky has evaluated the data from its industrial cybersecurity solutions (ICS-Cert). In the second half of 2, over 2022 malware families were detected and blocked. Overall, this is a slight decline compared to the first half of the year. Most attacks started with malicious scripts, phishing sites or spyware.
In the second half of 2022, Kaspersky's security solutions blocked malware from 1.292 different families on industrial systems in the areas of building automation, automotive, oil and gas, energy or mechanical engineering in the DACH region. Compared to the previous half year (16 percent) and the second half of 2021 (21 percent), the number has decreased.
Malicious scripts and phishing sites (JS and HTML; 4,6 percent) accounted for the majority of threats. Malicious Internet resources (3,8 percent) and spyware (2,5 percent) followed closely. These findings emerge from a recent analysis by Kaspersky ICS CERT, which basically states: Cyber attacks on OT (operational technology) computers of companies in the industrial sector are not decreasing.
Germany: 203 million euros in damage from cyber attacks
Industrial companies in Germany, Austria and Switzerland are therefore still a popular target for cybercriminals. According to Bitkom, the amount of damage caused by cyber attacks last year was around 203 billion euros in Germany alone.
More worldwide results
In an international comparison, however, industrial companies in the DACH region are attacked less frequently; Globally, 2022 percent of computer malware was blocked in the second half of 34,3. Kaspersky's security solutions stopped malware from 7.684 different families on industrial automation systems such as building automation, automotive, oil and gas, energy and mechanical engineering worldwide. This corresponds to a slight increase of 6 percent compared to the previous half year. Furthermore:
- The Middle East was hit hardest by ransomware attacks.
- Northern Europe was the only region to see an increase in ransomware attacks and malware distribution via email clients.
- there were more affected OT computers in the automotive industry (up 4,6 percentage points) and in the energy sector (up 1 percentage point) than in the first half of 2022.
"Looking back, 2022 stands out for the lack of seasonal changes," comments Stephan Gerling, Senior Security Researcher at ICS CERT at Kaspersky. “We observed a consistently high number of attacks on the industrial sector – without the typical drop in attacks during the summer or winter holidays. However, the increasing rates of attacks in the industry carried out with social engineering are alarming. We therefore urge customers in this industry to reconsider their security concept, to update all security systems and to train their staff regularly.”
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/