In 2023, Kaspersky forecasts changes in the threat environment for industrial control systems.

Researchers from Kasperskys ICS CERT groups shared their hopes for the next decades industrial control system changes and challenges that businesses should anticipate in 2023 . These predictions include an increase in attack surface caused by digitization, the activities of volunteer and cybercriminal insiders, and the activities of volunteer and cybercriminal insiders .

New Delhi, India, October 25 (Bloomingdale): Researchers from Kaspersky's ICS CERT groups shared their hopes for the next decade's industrial control system changes and challenges that businesses should anticipate in 2023.These predictions include an increase in attack surface caused by digitization, the activities of volunteer and cybercriminal insiders, ransomware attacks on critical infrastructure, as well as the technical, economic, and geopolitical challenges that lie ahead of them, as well as the experts' personal view of the key culprits driving change in the threat landscape.Next year, the real economy sectors such as agriculture, logistics, and transport, the renewable energy sector, and the energy industry as a whole, are expected to see more attacks, as are high-tech, pharmaceuticals, and medical equipment producers.In addition, traditional targets, such as the military industrial complex, and the government sector, will also remain.

According to statistics, attacks on Computerized Maintenance Management Systems (CMMS) in the first half of 2022 have accelerated this trend.The top ten countries that were attacked include countries with higher levels of protection.Top ten countries are ranked by the number of CMMS attacked in H1 2022.The challenges of expanding attack surface are also linked to rising energy carrier prices and the resultant increases in hardware prices, which could force many businesses to abandon initiatives to deploy on premise infrastructure in favor of cloud services from third party vendors, which may also impact some IS budgets.

These insiders may be present in manufacturing units, as well as software manufacturers, product providers, and service providers.The geopolitical ebb and flow of trusted partnerships, which have a global effect on the state of cybersecurity in ICS, will increase in 2023.Outside of the rise of hacktivist activities aimed at internal and external political ideologies, which may be more effective, we may see more ransomware attacks on critical infrastructure, since it will be easier to prosecute such attacks in the countries considered to be enemies.New alternative solutions that have been developed domestically may also result in new risks, such as software with security configuration defects and simple zero-day vulnerabilities, making them accessible to both cybercriminals and hacktivists.

We could also face a decline in the accuracy of threat intelligence, which can lead to unsupported attribution and government attempts to control information about incidents, threats, and vulnerabilities.Government involvement in the business operations of firms is accelerating, with connections to government clouds and applications, which can be difficult to find than market-leading private ones, which in turn leads to increased IT risks.Due to the large number of underqualified workers in government organizations, as well as a still evolving internal culture and practices for responsible disclosure, key functions and tactics are being used in phishing emails Exploiting common configuration errors in standard software, including DLL Hijacking and BYOVD, to bypass air gaps.In 2023, ICS CERT researchers highlighted three key features:- Phishing emails from compromised employees and partners email boxes disguised as legitimate work correspondence;- The use of incomplete Despite the fact that many colorful headlines have surfaced, we did not see any sudden or catastrophic changes in the overall threat landscape, none of which were difficult to deal with.

Cybercriminals are naturally cosmopolitan, but they pay close attention to social and economic developments as they pursue easy income and guarantee their personal security.We hope that our report of upcoming attacks will help businesses to cope with new and emerging threats, according to Evgeny Goncharov, the head of Kasperskys ICS CERT.Dipesh Kaura, the General Manager for South Asia, said that today's hyper-connected technology-driven world requires us to rethink our cybersecurity strategy.Experts from ICS CERT predict a record number of destructive and devastationous cyberattacks affecting industrial control systems.Cyber teams will be the talking point of more events in 2023 than ever before.

Companies must focus on the weaknesses in their networks and protect their organization from cyberattacks.Kaspersky is focusing on producing cyber-protection devices that have innate resistance against cyber attacks.We will continue to provide customers with products such as the Endpoint Detection and Response Expert, while also educating businesses about a happier and more resilient digital world.These predictions are part of Kaspersky Security Bulletin (KSB), an annual series of forecasts and analysis papers on the latest cybersecurity trends.

To see what Kaspersky specialists expect to see in the ICS threats landscape in 2022, please refer to our previous yearly report.Kaspersky's vast threat intelligence and threat intelligence team is constantly evolving into cutting-edge cyber defence solutions and services to protect businesses, critical infrastructure, governments, and consumers around the globe.To fight complex and evolving digital threats, the company's robust data protection portfolio includes leading endpoint security and a variety of unique security products and services.Kaspersky products protect over 400 million people, and we help 240,000 business customers protect what matters most to them.

.
.
.
.