Threat landscape for industrial automation systems, Q1 2024

In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp.
Percentage of ICS computers on which malicious objects were blocked, by quarter, 2022-2024.
Building automation has historically led the surveyed industries in terms of the percentage of ICS computers on which malicious objects were blocked.
Percentage of ICS computers on which malicious objects were blocked in selected industries.
In the first quarter of 2024, Kaspersky's protection solutions blocked malware from 10,865 different families belonging to various categories on industrial automation systems.
Percentage of ICS computers on which the activity of malicious objects in various categories was prevented.
Compared to the previous quarter, the most significant increase in the first quarter of 2024 in the percentage of ICS computers on which malicious objects of a given category were blocked was for AutoCAD malware, which grew by a factor of 1.16.
In the first quarter of 2024, the percentage of ICS computers on which threats from various sources were blocked decreased for every major source.
Percentage of ICS computers on which malicious objects from various sources were blocked.
Regionally, the percentage of ICS computers that blocked malicious objects during the quarter ranged from 32.4% in Africa to 11.5% in Northern Europe.
Regions ranked by percentage of ICS computers where malicious objects were blocked, Q1 2024.
The two regions with the highest percentage of attacked ICS computers, Africa and Southeast Asia, saw their percentages increase from the previous quarter.
Malicious objects used for initial infection of computers deliver next-stage malware (spyware, ransomware, and miners) to victims' computers.
As a rule, the higher the percentage of ICS computers on which initial infection malware is blocked, the higher the percentage of next-stage malware.
Miners in the form of Windows executable files are seventh in the global rankings of threat categories by percentage of ICS computers on which they were blocked.
We should note that during Q1 2024, the percentage of ICS computers on which miners in the form of Windows executable files were blocked increased in all regions except for Russia and Central Asia.
In Q1 2024, the percentage of ICS computers on which browser-based web miners were blocked increased in all regions except for Russia and Central Asia.
Globally, worms are in sixth place in the threat category ranking by percentage of ICS computers on which they were blocked.
In Southeast Asia, viruses are in first place in the threat category rankings by percentage of ICS computers on which they were blocked.
AutoCAD malware is normally a minor threat that comes last in the malware category rankings by percentage of ICS computers on which it is blocked.


This Cyber News was published on securelist.com. Publication date: Mon, 27 May 2024 10:13:06 +0000

