Industrial threats – Page 5

Threat landscape for industrial automation systems. H1 2020 highlights

Posted on September 24, 2020 by Kaspersky Lab ICS CERT

Beginning in H2 2019 we have observed a tendency for decreases in the percentages of attacked computers, both in the ICS and in the corporate and personal environments. The internet, removable media and email continue to be the main sources of threats in the ICS environment. Continue reading Threat landscape for industrial automation systems. H1 2020 highlights→

Incident Response Analyst Report 2019

Posted on August 6, 2020 by Ayman Shaaban

As an incident response service provider, Kaspersky delivers a global service that results in a global visibility of adversaries’ cyber-incident tactics and techniques on the wild. In this report, we share our teams’ conclusions and analysis based on incident responses and statistics from 2019. Continue reading Incident Response Analyst Report 2019→

WildPressure targets industrial-related entities in the Middle East

Posted on March 24, 2020 by Denis Legezo

Kaspersky discovered a malicious campaign distributing a fully fledged C++ Trojan that we call Milum. All the victims we registered were organizations from the Middle East. At least some of them are related to industrial sector. Continue reading WildPressure targets industrial-related entities in the Middle East→

Managed Detection and Response analytics report, H1 2019

Posted on October 8, 2019 by Sergey Soldatov

This report contains the results of the Managed Detection and Response (MDR) service. The MDR service provides managed threat hunting and initial incident response. Continue reading Managed Detection and Response analytics report, H1 2019→

Threat landscape for smart buildings

Posted on September 19, 2019 by Kirill Kruglov

We decided to study the live threats to building-based automation systems and to see what malware their owners encountered in the first six months of 2019. Continue reading Threat landscape for smart buildings→

Incident Response report 2018

Posted on August 29, 2019 by Petr Mareichev

This report covers our team’s incident response practices for the year 2018. We have thoroughly analyzed all the service requests, customer conversations and incident response deliverables to provide you an overview in numbers. Continue reading Incident Response report 2018→

Threat Landscape for Industrial Automation Systems in H2 2018

Posted on March 27, 2019 by Kaspersky Lab ICS CERT

Kaspersky Lab ICS CERT team publishes the findings of its research on the threat landscape for industrial automation systems conducted during the second half of 2018. Continue reading Threat Landscape for Industrial Automation Systems in H2 2018→

GreyEnergy’s overlap with Zebrocy

Posted on January 24, 2019 by Kaspersky Lab ICS CERT

We have identified an overlap between GreyEnergy, which is believed to be a successor to BlackEnergy group, and a Sofacy subset called “Zebrocy”. Both used the same servers at the same time and targeted the same organization. Continue reading GreyEnergy’s overlap with Zebrocy→

APT review of the year

Posted on December 5, 2018 by Vicente Diaz

What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer. Still, with the benefit of hindsight, let’s try to approach the problem from different angles to get a better understanding of what went on. Continue reading APT review of the year→

Threat predictions for industrial security in 2019

Posted on November 26, 2018 by Kaspersky Lab ICS CERT

It should therefore come as no surprise that our predictions from last year are still linked to currently unfolding trends. And while the fog has yet to clear, we decided to focus on the major problems that will affect the work of professionals involved into the industry, in 2019. Continue reading Threat predictions for industrial security in 2019→