Kaspersky's Industrial Control Systems Cyber Emergency Response Team (ICS CERT) has released its predictions for the year ahead, shedding light on the key cybersecurity challenges that industrial enterprises will face in 2024.

Looking back at 2023, Kaspersky observed several emerging trends in the industrial cybersecurity landscape.

The pursuit of efficiency in Industrial Internet of Things (IIoT) and SmartXXX systems expanded the attack surface, while rising energy carrier prices drove a shift towards cloud services to mitigate hardware costs.

Additionally, increased government involvement in industrial processes raised concerns about data leaks due to underqualified employees and insufficient practices for responsible disclosure.

Building upon these trends, Kaspersky's predictions for 2024 include:

RANSOMWARE TARGETING HIGH-VALUE ENTITIES

Ransomware is projected to remain a significant concern for industrial enterprises. Large organizations, unique product suppliers, and major logistics companies face increased risks, with potential severe economic and social consequences. Cybercriminals are expected to target entities capable of substantial ransom payments, causing disruptions in production and delivery.

COSMOPOLITICAL PROTEST HACKTIVISM

 Geopolitically motivated hacktivism is forecasted to intensify, presenting more destructive consequences. In addition to country-specific protest movements, the rise of cosmopolitical hacktivism is expected, driven by socio-cultural and macro-economic agendas such as eco-hacktivism. This diversification of motives may contribute to a more complex and challenging threat landscape.

SUBTLER THREATS AND DETECTION CHALLENGES

The use of "offensive cybersecurity" for gathering cyberthreat intelligence is anticipated to have controversial consequences. While it may improve corporate security by providing early signs of potential compromises, the thin line between the grey zone and the shadows may be breached. Profit-driven cyber activities, armed with commercial and open-source tools, could operate more discreetly, making detection and investigation challenging.

SHIFTS IN THREATS RELATED TO LOGISTICS AND TRANSPORT

The rapid automation and digitization of logistics and transport are introducing new challenges, intertwining cyber and traditional crimes. This includes theft of vehicles and goods, maritime piracy, and smuggling. Non-targeted cyberattacks may lead to physical consequences, especially in river, sea, truck, and special-purpose vehicles.

“The industrial sector’s cybersecurity is continuously going through significant changes, with both new types of attacks and more sophisticated versions of old ones. Ransomware attacks are still a big problem, and hackers are getting better at targeting large, profitable companies with more advanced methods. Hacktivists who are motivated by social issues are also becoming more active, adding another layer of complexity to the threats. The transportation and logistics industry is especially vulnerable to these changes because its systems are becoming more and more digital. This combination of cyber and traditional crime is a serious threat to global supply chains. To protect ourselves, we need to prioritize cybersecurity, avoid paying ransoms, and keep improving our defenses,” commented Evgeny Goncharov, head of Kaspersky ICS CERT.