Cyber threats to 27.2% of industrial systems in Pakistan: Kaspersky reports
Islamabad: Kaspersky’s report on the cybersecurity landscape for industrial control systems (ICS) in the second quarter of 2024 has indicated a 20% rise in ransomware attacks compared to the previous quarter. The report highlights an escalating threat to critical infrastructure sectors globally, with ransomware and spyware presenting the most significant dangers.
According to Kaspersky Security Network statistics, 23.5% of ICS computers worldwide were vulnerable to cyber threats in Q2 2024. In Africa, ICS systems faced the highest exposure, with 30% of computers under attack, while Pakistan reported a figure of 27%.
Cyber Attacks on young gamers increased by 30% in 2024
Ransomware incidents surged, with the proportion of ICS computers affected by ransomware increasing by 1.2 times from the previous quarter. Kaspersky’s report also emphasizes ongoing vulnerabilities to scripts and phishing pages, as well as spyware—including backdoors, keyloggers, and trojans—which are frequently employed for data theft and facilitating additional attacks like ransomware.
“Our findings indicate that although the total number of attacks on operational technology (OT) computers has slightly decreased, the uptick in ransomware and spyware is alarming,” stated Evgeny Goncharov, head of Kaspersky’s ICS Cyber Emergency Response Team. “High-impact malware such as ransomware can disrupt critical operations across any industry. Phishing pages and spyware are often utilized to steal corporate credentials, which can then be used for further infiltration into the target’s infrastructure or sold on dark web marketplaces for future exploitation by ransomware groups, hacktivists, and advanced persistent threat (APT) actors. Overexposure of OT infrastructures to these threats significantly heightens the risk of a catastrophic incident.”
The building automation sector experienced the highest percentage of ICS computers attacked (28.3%) during the reviewed period globally, as attackers exploited vulnerabilities in building automation networks, frequently targeting internet-facing systems and outdated software. The following sectors were also impacted: Energy (26.3%), Oil & Gas (22.5%), Engineering and ICS Integration (23.4%), and Manufacturing (11.7%).
Kaspersky experts advise conducting audits and regular security assessments of IT and OT systems, applying security patches, and implementing mitigation measures as soon as technically feasible.
To ensure robust protection of industrial networks and automation systems, specialized solutions like Kaspersky Industrial CyberSecurity should be utilized. The security team responsible for safeguarding industrial control systems should be equipped with current threat intelligence. The ICS Threat Intelligence Reporting service provides insights into existing threats, attack vectors, and critical OT vulnerabilities, along with strategies for mitigation.
For the complete report on Industrial Control Systems cybersecurity in Q2 2024, please visit the Kaspersky ICS CERT webpage.
