Kaspersky’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) has released predictions for cybersecurity challenges in 2024 [2] [3] [4] [5] [6]. This article examines their predictions and highlights the potential threats and consequences for industrial enterprises.
Description
According to Kaspersky’s predictions, ransomware attacks will continue to be the top threat to industrial enterprises in the coming years. These attacks have the potential to cause production or delivery disruptions, with one in six attacks expected to have this impact. The targets of these attacks include large organizations, unique product suppliers [7], and major logistics companies [3] [6] [7]. The economic and social consequences of these attacks can be severe. While the ransomware market may reach its peak and decline [1], it is unlikely that potential victims will become immune to attacks.
In addition to ransomware threats, Kaspersky predicts the rise of cosmopolitan hacktivism and the use of offensive cybersecurity for gathering threat intelligence [4]. These developments will have both positive and negative consequences. The ongoing automation and digitization of logistics and transport will lead to a greater intertwining of cyber and traditional crime [1]. This includes theft of cars, maritime piracy [1] [7], theft of goods [1], and smuggling [1] [7]. As a result, attacks on logistics and transport companies may shift from targeting IT infrastructure to vehicles themselves [1], particularly those with identical or similar internal control systems [1]. Hard-to-reach sites and specialized equipment are also vulnerable [1].
Furthermore, Kaspersky highlights the potential use of unconventional methods of monetizing attacks, such as stock market speculation [1], on economically significant enterprises [1]. The transportation and logistics industry is particularly vulnerable to these changes due to its increasing digitization [4]. Therefore, prioritizing cybersecurity [2] [4] [6] [7], avoiding ransom payments [2] [4], and improving defenses are crucial [6]. It is important to note that there is an increased likelihood of physical consequences from non-targeted attacks, as vehicles become more susceptible to malware infections [1]. The industrial sector’s cybersecurity is continuously evolving [7], and it is crucial to prioritize cybersecurity and improve defenses to protect against these threats [7]. Evgeny Goncharov [3], head of Kaspersky ICS CERT [3], emphasizes the continuous changes and increasing sophistication of cyberattacks in the industrial sector [3].
Conclusion
The predictions made by Kaspersky highlight the significant cybersecurity challenges that industrial enterprises will face in the coming years. Ransomware attacks [1] [2] [3] [5] [6] [7], cosmopolitan hacktivism [2] [4] [5] [6], and offensive cybersecurity are all expected to pose threats to these organizations. The consequences of these attacks can be severe, with potential disruptions to production and delivery. The increasing digitization of the transportation and logistics industry also opens up new vulnerabilities, such as attacks on vehicles and specialized equipment. To mitigate these risks, it is crucial for organizations to prioritize cybersecurity, improve defenses [2] [4] [6] [7], and avoid ransom payments [2] [4]. The evolving nature of cyberattacks in the industrial sector requires continuous vigilance and adaptation to ensure the protection of critical infrastructure.
References
[1] https://ics-cert.kaspersky.com/publications/reports/2024/01/31/ics-and-ot-threat-predictions-for-2024/
[2] https://www.kaspersky.it/about/press-releases/2024impennata-dei-ransomware-hacktivism-cosmopolitico-e-non-solo-le-previsioni-del-cert-ics-di-kaspersky-per-il-2024
[3] https://www.investorsobserver.com/news/qm-pr/7605155862981519
[4] https://www.darkreading.com/vulnerabilities-threats/kasperskys-ics-cert-predictions-for-2024-ransomware-rampage-cosmopolitical-hacktivism-and-beyond
[5] https://www.kaspersky.com/about/press-releases/2024ransomware-rampage-cosmopolitical-hacktivism-and-beyond-kasperskys-ics-cert-predictions-for-2024
[6] https://www.newswire.ca/news-releases/kaspersky-s-ics-cert-predictions-for-2024-ransomware-rampage-cosmopolitical-hacktivism-and-beyond-812865377.html
[7] https://finance.yahoo.com/news/kasperskys-ics-cert-predictions-2024-151700072.html
