Kaspersky’s latest ICS threat landscape report has unveiled an alarming trend concerning industrial control system (ICS) computers in Western countries. While these systems have been increasingly targeted by cyberattacks, the percentages remain relatively low compared to other global regions.
In the first half of 2023, Kaspersky’s protective measures blocked threats on 34% of the ICS computers it safeguards, with the second quarter seeing the highest quarterly level since 2019. These ICS systems encompass various components, including SCADA servers, historians, OPC systems, workstations, HMIs, and devices for industrial automation software development.
Notably, Western Europe, the US, Canada, Australia, New Zealand, and Northern Europe experienced the highest increase in attack percentages during this period. This is significant because historically, these regions have maintained lower percentages of ICS devices targeted by malicious entities.
Western Europe saw the most substantial surge, with the percentage of attacked ICS devices rising from 14.2% in H2 2022 to 18.8% in H1 2023. Despite these increases, Western countries still encountered lower attack percentages compared to regions such as Africa, Southeast Asia, the Middle East, Central Asia, East Asia, Latin America, and Russia.
Kaspersky attributes this rise in attacks to blocked denylisted internet resources, malicious scripts, and phishing pages. Denylisted internet resources include elements like spam-sending email addresses, malicious websites, and potentially harmful apps that users attempt to download. Intriguingly, this category was the sole one to exhibit growth in the first half of the year. Kaspersky’s report highlights the evolving cybersecurity landscape for ICS systems, emphasizing the need for heightened vigilance and protection in Western nations.
