Skip to main content

Kaspersky reports a rise in attacks on oil and gas industries in second half of 2023

March 19, 2024

Woburn, MA – March 19, 2023 — Kaspersky ICS CERT unveils an analysis of Operational Technology (OT) cybersecurity trends for the second half of 2023. The report offers insight into the evolving threat landscapes globally and regionally, as well as within specific industries.

Kaspersky's analysis shows a decrease in the percentage of Operational Technology, or OT computers attacked, to 31.9% in the second half from 34.0% in the first half of 2023. This drop moves the attack rate closer to the levels observed in 2020, with a yearly average of 38.6% of OT computers attacked in 2023. Despite this reduction, the landscape of threats remained diverse and multifaceted over the past year, with threats spreading via internet continuing as the main source of cyber risks to OT computers, accounting for 18.1% of the attacks, followed by email clients at 4.0% and removable media at 1.9%.

A concerning finding is the 1.4-fold global increase ICS systems on which miner executables for Windows were blocked in H2 2023 compared to H1 2023. This highlights the evolving tactics employed by threat actors, who are increasingly seeking to exploit vulnerabilities and leverage ICS infrastructure for their own financial gain. Additionally, this may signify a shift in attackers' focus towards more discreet exploitation techniques.

Kaspersky's analysis delves deeper, revealing regional variations in the threat landscape. In H2 2023, the percentage of computers on which malicious activity was prevented varied across regions from 38.2% in Africa to 14.8% in Northern Europe. South Asia, Eastern and Southern Europe were the regions that witnessed increases in the blocking of malicious objects.

The report also emphasizes the importance of taking care of country-specific cybersecurity problems. The data shows a stark disparity in the impact of threats across different nations (e.g., Yemen: 56.6% blocked objects, Iceland: 7.4%).

Focusing on specific industries, the report identifies building automation as the most targeted sector (H2 2023: highest percentage of blocked objects). The oil and gas sector display a fluctuating trend, experiencing a slight increase in attacks in H2 2023 after a period of decline.

“Although the general exposure of the Global OT infrastructure to cyberthreats decreased in the second half of 2023, industrial companies should continue fortify their defenses and stay ahead of ever-evolving threats,” said Evgeny Goncharov, head of Kaspersky’s ICS CERT. “Our report includes regional-, country- and industry-specific breakdowns of threats capable of reaching out to OT systems, which can help organizations to tailor their cybersecurity strategies.”

Read the full report on ICS threats in H2 2023 here.

To keep your OT computers protected from various threats, Kaspersky experts recommend:

  • Conducting regular security assessments of OT systems to identify and eliminate possible cyber security issues.
  • Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available in public.
  • Performing timely updates for the key components of the enterprise’s OT network; applying security fixes and patches or implementing compensating measures as soon as it is technically possible is crucial for preventing a major incident that might cost millions due to the interruption of the production process.
  • Using EDR solutions such as Kaspersky Endpoint Detection and Response for timely detection of sophisticated threats, investigation, and effective remediation of incidents.
  • Improving the response to new and advanced malicious techniques by building and strengthening your teams’ incident prevention, detection, and response skills. Dedicated OT security trainings for IT security teams and OT personnel is one of the key measures helping to achieve this.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.


Media Contact:

Cassandra Faro

Cassandra.Faro@Kaspersky.com

781-503-1812

 

Kaspersky reports a rise in attacks on oil and gas industries in second half of 2023

Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases