Home News ICS is Becoming a Hot Favorite of Threat Actors: Kaspersky Report

ICS is Becoming a Hot Favorite of Threat Actors: Kaspersky Report

After seeing a downward trend in H2 2019 and H1 2020, the attacks on industrial control systems (ICS), especially in developed nations, are spiraling upwards.


ICS (Industrial Control System) or SCADA have faced large volumes of attacks from notorious threat actors in the recent past. Be it the China-linked group RedEcho targeting the Indian power sector or an unidentified cybercriminal attempting to poison Florida city’s water supply and treatment plant, the attacks have not just evolved but have become a “life-threatening” affair. Backing these citations, a report from Kaspersky now confirms that 33.4% of ICS computers worldwide were hit by a cyberattack in H2 2020.

Kaspersky Report

The report from Kaspersky titled, “The Industrial Control System Threat Landscape 2020,” is based on the data received from ICS computers that are running Kaspersky security products and hosted in networks of industrial infrastructures. Kaspersky researchers observed a downward trend in H2 2019 and H1 2020 when it came to cyberattacks targeting the ICS infrastructure.

cyberattacks on ICS
% of ICS Computers Attacked Globally. Image Credit: Kaspersky

As per statistics, the percentage of ICS computers targeted with a cyberattack in the second half of the year was 33.4%, which was 0.85% more than the number in H1 2020. In other key observations of the report, the ICS computers targeted on a global level with ransomware attacks dropped from 0.63% in H1 2020 to 0.49% in H2 2020. However, when it came to developed nations, these numbers saw a contrasting surge. The U.S. and Canada saw a +0.25% spike, whereas Australia with +0.23% and Western Europe with +0.13% were not lagging either. One of the most surprising names in this list though is Saudi Arabia. The country saw the maximum growth in the number of attacks with a +8.2% rise.

Related News:

RedEcho Attacked 10 Indian Power Sector Companies and 2 Seaports: Recorded Future

Apart from this, Kaspersky researchers termed the COVID-19 remote working scenario as one of the prime reasons why threat actors were majorly targeting the ICS infrastructure’s RDP setup. The majority of the attacks took place through this and we already mentioned one such example.

For a brief overview of the other findings from the report, refer the infographic below:

cyberattacks on ICS
Image Credit: Kaspersky

Related News:

Cybercriminals Attempt Poisoning Florida City’s Water Supply