CyberSecurityBoard
Sponsor Register Login

Threat landscape for industrial automation systems, Q1 2024

In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp.
Percentage of ICS computers on which malicious objects were blocked, by quarter, 2022-2024.
Building automation has historically led the surveyed industries in terms of the percentage of ICS computers on which malicious objects were blocked.
Percentage of ICS computers on which malicious objects were blocked in selected industries.
In the first quarter of 2024, Kaspersky's protection solutions blocked malware from 10,865 different families belonging to various categories on industrial automation systems.
Percentage of ICS computers on which the activity of malicious objects in various categories was prevented.
Compared to the previous quarter, in the first quarter of 2024, the most significant increase in the percentage of ICS computers on which malicious objects in various categories were blocked was detected for AutoCAD malware: by 1.16 times.
In the first quarter of 2024, the percentage of ICS computers on which threats from various sources were blocked decreased for every major source.
Percentage of ICS computers on which malicious objects from various sources were blocked.
Regionally, the percentage of ICS computers that blocked malicious objects during the quarter ranged from 32.4% in Africa to 11.5% in Northern Europe.
Regions ranked by percentage of ICS computers where malicious objects were blocked, Q1 2024.
The two regions with the highest percentage of attacked ICS computers, Africa and South-East Asia, saw their percentages increase from the previous quarter.
Malicious objects used for initial infection of computers deliver next-stage malware - spyware, ransomware, and miners - to victims' computers.
As a rule, the higher the percentage of ICS computers on which initial infection malware is blocked, the higher the percentage of next-stage malware.
Miners in the form of Windows executable files are seventh in the global rankings of threat categories by percentage of ICS computers on which they were blocked.
We should note that during Q1 2024, the percentage of ICS computers on which miners in the form of Windows executable files were blocked increased in all regions except for Russia and Central Asia.
In Q1 2024, the percentage of ICS computers on which browser-based web miners were blocked increased in all regions except for Russia and Central Asia.
Globally, worms are in sixth place in the threat category ranking by percentage of ICS computers on which they were blocked.
In Southeast Asia, viruses are in first place in the threat category rankings by percentage of ICS computers on which they were blocked.
Normally, AutoCAD malware is a minor threat that usually comes last in the malware category rankings by percentage of ICS computers on which it is blocked.


This Cyber News was published on securelist.com. Publication date: Mon, 27 May 2024 10:13:06 +0000


Cyber News related to Threat landscape for industrial automation systems, Q1 2024

Energy-Efficient Home Automation: Saving the Planet and Your Wallet - Home automation solutions offer an array of benefits, from improved convenience to decreased energy bills. This article will explore the types of home automation systems available, as well as their cost and potential for energy efficiency. The ...
1 year ago Securityzap.com Meow
Home Automation for All: Enabling Independence - As technology advances, home automation provides a sense of empowerment for elderly and disabled individuals. Home automation for the elderly and disabled reduces dependence on others and promotes independence in the home environment. Home automation ...
1 year ago Securityzap.com
How to Get Started With Security Automation: Consider the Top Use Cases Within Your Industry - As the cybersecurity industry has matured, so has the approach security teams take to making decisions about investing in security tools. Instead of focusing on the latest product or technology, security professionals are focused on use cases such as ...
1 year ago Securityweek.com
20 Best Endpoint Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive endpoint security against many threats.The user interface may overwhelm some users.Machine learning for real-time threat detection.Integration with existing systems may be complex.A central management ...
2 weeks ago Cybersecuritynews.com
Recapping Cisco industrial IoT's journey: A year of security, simplification and innovation - In this blog, we'll take a look back at the key topics and trends that defined the industrial IoT journey in 2023. Empowering our industrial customers to digitize and secure operations at the same time has been prevalent in every conversation this ...
1 year ago Feedpress.me
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com
What Is Threat Modeling? - Threat modeling emerges as a pivotal process in this landscape, offering a structured approach to identify, assess, and address potential security threats. Threat Modeling Adoption and Implementation The successful adoption of threat modeling within ...
1 year ago Feeds.dzone.com
Staying ahead of threat actors in the age of AI - At the same time, it is also important for us to understand how AI can be potentially misused in the hands of threat actors. In collaboration with OpenAI, today we are publishing research on emerging threats in the age of AI, focusing on identified ...
1 year ago Microsoft.com Kimsuky
CVE-2024-54092 - A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All versions), Industrial Edge Device Kit - arm64 V1.20 ...
2 weeks ago
What Is Cyber Threat Hunting? - Cyber threat hunting involves proactively searching for threats on an organization's network that are unknown to traditional cybersecurity solutions. A recent report from Armis found that cyber attack attempts increased by 104% in 2023, underscoring ...
1 year ago Techrepublic.com
Automating Threat Intelligence: Tools And Techniques For 2025 - Automated threat intelligence leverages artificial intelligence (AI), machine learning (ML), and orchestration platforms to collect, analyze, and act on vast amounts of threat data in real time. These platforms offer features like real-time threat ...
1 week ago Cybersecuritynews.com
How to Use Threat Intelligence Feeds for SOC/DFIR Teams - Threat intelligence feeds provide real-time updates on indicators of compromise, such as malicious IPs and URLs. Security systems can then ingest these IOCs to identify and block potential threats, which essentially grants organizations immunity to ...
11 months ago Cybersecuritynews.com
AI and Automation - In recent years, developments in artificial intelligence and automation technology have drastically reshaped application security. On one hand, the progress in AI and automation has strengthened security mechanisms, reduced reaction times, and ...
1 year ago Feeds.dzone.com
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com CVE-2023-42793 APT29
Top 7 Cyber Threat Hunting Tools for 2024 - Cyber threat hunting is a proactive security measure taken to detect and neutralize potential threats on a network before they cause significant damage. To seek out this type of threat, security professionals use cyber threat-hunting tools. With ...
1 year ago Techrepublic.com
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security - PRESS RELEASE. FOXBOROUGH, Mass. , Jan. 3, 2024 /PRNewswire/ - Industrial Defender, the leading provider of OT asset data and cybersecurity solutions for industrial organizations, is excited to announce the launch of the Industrial Defender Risk ...
1 year ago Darkreading.com
Ransomware, Data Breaches Inundate OT & Industrial Sector - Three-quarters of industrial firms suffered a ransomware attack in the past year, with far more compromises affecting operational technology than ever before - representing a surge in attacks driven by both the industrial sector's vulnerability and ...
1 year ago Darkreading.com LockBit
How to Overcome the Most Common Challenges with Threat Intelligence - Today's typical approach to threat intelligence isn't putting organizations in a place to do that. Instead, many threat intelligence tools are delivering too much uncurated and irrelevant information that arrives too late to act upon. Organizations ...
1 year ago Cyberdefensemagazine.com Hunters
CVE-2024-2637 - An authenticated local attacker who successfully exploited this vulnerability could insert and run arbitrary code using legitimate B&R software's. An Uncontrolled Search Path Element vulnerability in B&R Industrial Automation Scene Viewer, B&R ...
11 months ago Tenable.com
Top 6 Cybersecurity Threat Detection Use Cases - DZone - AI/ML tools and technologies heavily influence the modern digital landscape by introducing numerous use cases involving AI-based malware detection, preventing social engineering attacks, and threat identification and remediation. AI/ML tools can ...
6 months ago Feeds.dzone.com
Threat Intelligence Feeds Flood Analysts With Data, But Context Still Lacking - By combining external threat data with internal risk assessments, contextual threat intelligence helps organizations measure the risk level of alerts or vulnerabilities in relation to their business and technical assets, ensuring that the most ...
1 week ago Cybersecuritynews.com
10 Best EDR Tools ( Endpoint Detection & Response) - 2025 - What is good?What Could Be Better ?Provides comprehensive endpoint monitoring.Some users might find the installation and configuration process of the solution tedious.Protect your entire security stack with in-depth threat intelligence.Some users ...
4 weeks ago Cybersecuritynews.com
Top 10 XDR (Extended Detection & Response) Solutions - 2025 - CrowdStrike Falcon XDR uses this data to extend EDR outcomes and advanced threat detection across the security stack, thereby stopping breaches more quickly. It does this by using CrowdStrike’s world-class machine learning, artificial ...
2 weeks ago Cybersecuritynews.com
Achieving Continuous Compliance - If you've ever explored regulatory compliance and cybersecurity, you'll understand the importance of continuous compliance in the digital age, where evolving technology and regulations require constant vigilance. This article will cover the ...
1 year ago Feeds.dzone.com
Best practices for secure network automation workflows - Automation plays a critical role in modern networks. It helps network engineers manage networks with fewer repetitive manual tasks for greater agility. Network engineers cannot automate - or secure - what they don't understand. Understanding network ...
1 year ago Techtarget.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)