In the second quarter of 2024, 35 cases of cyberattacks were recorded in the industrial sector worldwide, which is 16% more than in the previous quarter. And these are only official data. "Confirmed incidents" were counted by analysts at Kaspersky ICS CERT, a center that studies the security of industrial systems and responds to information security incidents. Most of the attack victims are manufacturing enterprises from various industries.
In Russia, this problem is also acute. According to the National Coordination Center for Computer Incidents (NCCCI), in 2023, the number of cyberattacks on critical information infrastructure facilities increased by 16%, reaching 65,000.
It turned out that in the industrial sector, many companies do not have time to modernize their protection systems or have difficulty tracking cyber threats.
In addition, due to the increasing level of digitalization, the number of potential entry points for attackers is increasing. For example, some manufacturers of Internet of Things devices still use serial numbers to create encryption keys and authentication data, which makes it easier to prepare attacks on these devices, as experts at Kaspersky ICS CERT emphasize.
The consequences of attacks can be extremely serious. From leakage of confidential information to production shutdowns, all of this leads to financial losses and a negative impact on the company's reputation.
Recently, hackers have been increasingly using attacks through counterparties and contractors. This approach allows attackers to gain access to dozens of customer companies through one organization.
It takes more time to detect such incidents, since the actions of attackers often look like legitimate actions of a contracting organization to the affected party.
According to a study conducted by Positive Technologies in the field of cybersecurity in the industrial sector in 2024, in the first three quarters of this year, ransomware was used in 52% of cases of malicious software. The most common result of such attacks was the leakage of confidential data, which occurred in 65% of successful cases. Trade secrets turned out to be the most attractive for cybercriminals, accounting for 37% of stolen information. At the same time, disruption of the core business of companies was observed in every third successful attack.
Read more on the topic:
Hackers attack Russian military units, defense industry enterprises and military support funds
Hackers from Russia hacked an American company using WI-FI
Fraudsters began offering Russians investments in the Russian military-industrial complex
