Kaspersky Research Finds ICS Energy Sector Under the Highest Cyberthreat Pressure

EIN Kapersky 400

Oct 23, 2019

According to the recent Kaspersky ICS CERT report, a concerning percentage of industrial control system (ICS) computers in the energy sector globally were targeted by cyberattacks in the first six months of 2019. Of the Kaspersky solutions installed on ICS computers, 41.6% experienced and blocked a cyber threat. The three main cyber threats detected in energy ICS environments included worms (7.1%), spyware (3.7%) and cryptocurrency miners (2.9%).

Industrial cyber incidents are among the most dangerous cyberattacks as they typically result in production downtime, tangible financial losses and are difficult to overcome. This is especially true when incidents occur in critical, life-supporting sectors such as energy. Malware infections can also negatively affect the availability and integrity of ICS and other systems that are part of the industrial network.

Among the threats that were detected in H1 2019, a few were particularly unique. This includes Agent Tesla, a specialized Trojan spy malware designed to steal authentication data, screenshots and data captured from web cameras and keyboards. Kaspersky products also identified and blocked cases of the Meterpreter backdoor which was being used to remotely control computers on the industrial networks of energy systems. Attacks that use the backdoor are targeted and often conducted in manual mode. Syswin, a new wiper worm written in Python and packed into the Windows executable format, was also detected. This threat can have a significant impact on ICS computers due to its ability to self-propagate and destroy data.

Kaspersky experts also analyzed the automotive manufacturing (39.3%) and building automation (37.8%) industries, taking the second and the third place respectively to the percentage of ICS computers on which malicious objects were blocked.

Additional report findings include:

  • On average, ICS computers do not operate entirely inside the security perimeter of typical corporate environments, meaning tasks related to protecting the ICS and corporate segment are, to some extent, unrelated.
  • Generally, the level of malicious activity inside the ICS segment is connected with malware activity happening in the country where the ICS environment is located.
  • In countries where the security of ICS is favorable, low levels of compromised ICS computers are attributable to protection measures and tools that are in place rather than a limited level of malicious activity.
  • Self-propagating malicious programs are very active in some countries. In the cases analyzed, these were worms designed to infect removable media (USB flash drives, removable hard drives, mobile phones, etc.). It appears that infections with worms via removable media is the most common infection scenario for ICS computers.

Source

Related Articles


Latest Articles


Changing Scene

  • Save the Date: Ontario Apprenticeship Summit 2026 – November 4, 2026

    Save the Date: Ontario Apprenticeship Summit 2026 – November 4, 2026

    July 6, 2026 Skilled Trades Ontario (STO) is pleased to announce that the third annual Ontario Apprenticeship Summit will take place during National Skilled Trades and Technology Week. Industry partners, skilled trades professionals, and apprentices are invited to attend the Toronto Congress Centre on Wednesday, November 4, 2026. The Ontario Apprenticeship Summit 2026 is focused… Read More…

  • Fort McMurray Apprentice Electrician to Represent Canada at Skilled Canada National Competition

    Fort McMurray Apprentice Electrician to Represent Canada at Skilled Canada National Competition

    July 6, 2026 In recognition of World Youth Skills Day, which underscores the vital role of skills development among young people, Skills/Compétences Canada (SCC) is proud to officially announce the 31 talented members of WorldSkills Team Canada 2026.These young competitors will begin their training to prepare for the 48th WorldSkills Competition, in Shanghai, China, which will be held… Read More…

  • Westburne Celebrates 100 Years with Brandon Trade Show

    Westburne Celebrates 100 Years with Brandon Trade Show

    July 6, 2026 Recently, Westburne hosted over 200 guests and over 60 partners and suppliers at their Brandon Trade Show to celebrate 100 years of Westburne. “Westburne’s annual Midwest Tradeshow welcomed more than 220 attendees in Brandon this year, including representatives from over 60 partner businesses and suppliers. Taking place annually for over 15 years,… Read More…

  • B.C. Expands Energy Efficiency Program to Provide No-Cost Retrofits to Homeowners, Tenants

    B.C. Expands Energy Efficiency Program to Provide No-Cost Retrofits to Homeowners, Tenants

    July 3, 2026 Together with BC Hydro, FortisBC and Natural Resources Canada, the Province is supporting families with lower incomes to save money on their utility costs through home-energy improvements.  “We are taking action to help people lower their utility bills by expanding our home energy-efficiency programming for lower-income families,” said Adrian Dix, B.C.’s Minister… Read More…