CyberSecurityBoard
Sponsor Register Login

Threat landscape for industrial automation systems. H2 2023

In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year.
In H2 2023, building automation once again had the highest percentage of ICS computers on which malicious objects were blocked of all industries that we looked at.
In H2 2023, only one category saw an increase on the first half of the year: ICS computers on which miner executable files for Windows were blocked, by 1.4 times.
In H2 2023, the percentage of computers on which malicious activity was prevented varied across regions from 38.2% in Africa to 14.8% in Northern Europe.
Regions ranked by percentage of ICS computers on which malicious objects were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which spyware was blocked, H2 2023.
Regions ranked by percentage of ICS computers on which worms were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which browser-based web miners were blocked, H2 2023.
By percentage of ICS computers on which removable media threats were blocked Regions ranked by percentage of ICS computers on which removable media threats were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which malicious email attachments and phishing links were blocked, H2 2023.
Eastern Europe Saw the largest, among all regions, increase in the percentage of ICS computers on which malicious objects were blocked in H2 2023: 6 pp.
Second among the regions by percentage of ICS computers on which malicious scripts and phishing pages were blocked.
In the six-month period, the region saw a rise in the percentage of ICS computers on which the following were blocked: Russia Central Asia Leads the regions by percentage of ICS computers on which denylisted internet resources were blocked.
Regions ranked by percentage of ICS computers on which denylisted internet resources were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which miners in the form of executable files for Windows were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which viruses were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which ransomware was blocked, H2 2023.
Regions ranked by percentage of ICS computers on which malicious scripts and phishing pages were blocked, H2 2023.
Regions ranked by percentage of ICS computers on which malicious documents were blocked, H2 2023.
Second among the regions by percentage of ICS computers on which malicious email attachments and phishing links were blocked.


This Cyber News was published on securelist.com. Publication date: Tue, 19 Mar 2024 10:13:08 +0000


Cyber News related to Threat landscape for industrial automation systems. H2 2023

Energy-Efficient Home Automation: Saving the Planet and Your Wallet - Home automation solutions offer an array of benefits, from improved convenience to decreased energy bills. This article will explore the types of home automation systems available, as well as their cost and potential for energy efficiency. The ...
6 months ago Securityzap.com
Home Automation for All: Enabling Independence - As technology advances, home automation provides a sense of empowerment for elderly and disabled individuals. Home automation for the elderly and disabled reduces dependence on others and promotes independence in the home environment. Home automation ...
6 months ago Securityzap.com
How to Get Started With Security Automation: Consider the Top Use Cases Within Your Industry - As the cybersecurity industry has matured, so has the approach security teams take to making decisions about investing in security tools. Instead of focusing on the latest product or technology, security professionals are focused on use cases such as ...
5 months ago Securityweek.com
Recapping Cisco industrial IoT's journey: A year of security, simplification and innovation - In this blog, we'll take a look back at the key topics and trends that defined the industrial IoT journey in 2023. Empowering our industrial customers to digitize and secure operations at the same time has been prevalent in every conversation this ...
6 months ago Feedpress.me
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
5 months ago Securityintelligence.com
What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
5 months ago Feeds.dzone.com
Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
4 months ago Microsoft.com
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
4 months ago Techrepublic.com
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
6 months ago Feeds.fortinet.com
How to Use Threat Intelligence Feeds for SOC/DFIR Teams - Threat intelligence feeds provide real-time updates on indicators of compromise, such as malicious IPs and URLs. Security systems can then ingest these IOCs to identify and block potential threats, which essentially grants organizations immunity to ...
1 month ago Cybersecuritynews.com
AI and Automation - In recent years, developments in artificial intelligence and automation technology have drastically reshaped application security. On one hand, the progress in AI and automation has strengthened security mechanisms, reduced reaction times, and ...
6 months ago Feeds.dzone.com
Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
4 months ago Techrepublic.com
How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
5 months ago Cyberdefensemagazine.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
6 months ago Darkreading.com
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security - PRESS RELEASE. FOXBOROUGH, Mass. , Jan. 3, 2024 /PRNewswire/ - Industrial Defender, the leading provider of OT asset data and cybersecurity solutions for industrial organizations, is excited to announce the launch of the Industrial Defender Risk ...
5 months ago Darkreading.com
CVE-2024-2637 - An authenticated local attacker who successfully exploited this vulnerability could insert and run arbitrary code using legitimate B&R software's. An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R ...
1 month ago Tenable.com
Achieving Continuous Compliance - If you've ever explored regulatory compliance and cybersecurity, you'll understand the importance of continuous compliance in the digital age, where evolving technology and regulations require constant vigilance. This article will cover the ...
6 months ago Feeds.dzone.com
Python in Threat Intelligence: Analyzing and Mitigating Cyber Threats - In the world of emerging cybersecurity threats, understanding the significance of threat intelligence is crucial and can not be ignored. Threat intelligence involves the systematic collection, analysis, and application of data to understand potential ...
5 months ago Hackread.com
Best practices for secure network automation workflows - Automation plays a critical role in modern networks. It helps network engineers manage networks with fewer repetitive manual tasks for greater agility. Network engineers cannot automate - or secure - what they don't understand. Understanding network ...
6 months ago Techtarget.com
Embedded Linux IoT Security: Defending Against Cyber Threats - Embedded Linux IoT systems are now essential parts of many different kinds of products, from industrial machinery and smart appliances to medical equipment and automobile systems. As Embedded Linux is being used widely, it has attracted the attention ...
5 months ago Securityboulevard.com
Threat actors misuse OAuth applications to automate financially driven attacks - Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious ...
6 months ago Microsoft.com
New Tool Set Found Used Against Organizations in the Middle East, Africa and the US - Unit 42 researchers observed a series of apparently related attacks against organizations in the Middle East, Africa and the U.S. We will discuss a set of tools used in the course of the attacks that reveal clues about the threat actors' activity. We ...
6 months ago Unit42.paloaltonetworks.com
Buzzing on Christmas Eve: Trigona Ransomware in 3 Hours - In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol host, leading to data exfiltration and the deployment of Trigona ransomware. On Christmas Eve, within just three hours of gaining initial access, ...
4 months ago Thedfirreport.com
Creating a New Market for Post-Quantum Cryptography - A day in the busy life of any systems integrator includes many actions that revolve around the lifeblood of its business - its customers. Systems integrators help solve evolving customer business challenges, which in turn adds partner value. It's a ...
6 months ago Securityboulevard.com
Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor's Activity - By analyzing tools, logs and artifacts left open to the internet, we were able to profile the threat actor and their victims. After analyzing the artifacts we can conclude with moderate confidence that the majority of the threat actor activity ...
6 months ago Thedfirreport.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)