
Leading Cybersecurity Firm Predicts More Threats to Industrial Organizations in 2023

Kaspersky ICS CERT researchers share their predictions for next year’s industrial control system-focused developments as well as risks that organizations should prepare for in 2023.

Kaspersky ICS CERT researchers share their predictions for next year’s industrial control system-focused developments as well as risks that organizations should prepare for in 2023. These predictions include an increased attack surface due to digitization, activities of volunteer and cybercriminal insiders, ransomware attacks on critical infrastructure, as well as the technical, economic and geopolitical effects on the quality of threat detection and the rise of potential vulnerabilities being exploited by attackers.

These predictions are the sum of the opinions from Kaspersky’s ICS CERT team based on their collective experience in researching vulnerabilities, attacks, and incident response, as well as the experts’ personal vision of the main vectors driving changes in the threat landscape.

New risks and changes in threat landscape

Kaspersky experts predict a shift in advanced persistent threat (APT) activity against industrial organizations and operational technology (OT) systems in new industries and locations. Sectors such as the alternative energy sector and the energy sector as a whole, agriculture, logistics and transport are likely to see more attacks next year. Traditional targets such as the military industrial complex and the government sector will also remain a focus.

Attack surfaces will also increase due to digitization in a race for higher efficiency in IIoT and SmartXXX, including systems for predictive maintenance and digital twin technology. This trend is supported by the statistics of attacks on Computerized Maintenance Management Systems (CMMS) in the first half of 2022. The top 10 countries where these systems were attacked are ones seen as having higher levels of security.

The risks of an expanding attack surface are also connected to rising energy carrier prices and the resulting rises in hardware prices. This would force many enterprises to abandon plans to deploy on-premises infrastructure in favor of cloud services from third-party vendors and may also affect some IS budgets.

Organizations may face new risks such as a decrease in the quality of threat detection due to communication breakdowns between information security developers and researchers located in countries currently in conflict. We may also face a decrease in the quality of threat intelligence, leading to unsupported attribution and government attempts to control information about incidents, threats and vulnerabilities. The growing role of governments in the operational processes of industrial enterprises, including connections to government clouds and services, which would sometimes be less protected than the market-leading private ones, also leads to additional IS risks. Thus, there is an increased risk of confidential data leaks due to the noticeable number of under-qualified employees in government institutions as well as a still developing internal culture and practices for responsible disclosure.

New techniques and tactics to watch out for in future attacks

Kaspersky ICS CERT researchers also listed top techniques and tactics expected to flourish in 2023:

  • Phishing pages and scripts embedded on legitimate sites
  • Phishing emails about current events with especially dramatic subjects, including political events
  • Documents stolen in previous attacks on related or partner organizations being used as bait in phishing emails
  • The spread of phishing emails from compromised employees’ and partners’ email boxes disguised as legitimate work correspondence
  • Attacks on cloud services
  • Using configuration errors in security solutions, for instance, those that allow an antivirus solution to be disabled
  • Using a popular cloud service as CnC. Even after an attack is identified, the victim might still be unable to block the attacks because important business processes could depend on the cloud

“We saw that cybersecurity incidents were plentiful in 2022 causing many problems for ICS owners and operators. However, we did not see any sudden or catastrophic changes in the overall threat landscape, none that were difficult to handle, despite many colorful headlines in the media,” said Evgeny Goncharov, head of Kaspersky’s ICS CERT. “As we analyze incidents of 2022, we must profess that we have entered an era where the most significant changes in the ICS threat landscape are mostly determined by geopolitical trends and the subsequent macroeconomic factors. Cybercriminals are naturally cosmopolitan; however, they do pay close attention to political and economic trends as they chase easy profits and ensure their personal safety. We hope that our analysis of future attacks will prove helpful to organizations to prepare for new and emerging threats.”

These predictions are part of the Kaspersky Security Bulletin (KSB), an annual series of predictions and analytical articles on key changes in the world of cybersecurity. The full ICS predictions for 2023 report is available on Securelist.
