Latest news with #KasperskyICS-CERT

New Straits Times

APAC industries face rising ICS cyber threats

VIETNAM: Key subregions in the Asia Pacific (APAC) continue to face a barrage of cyber attacks on Industrial Control Systems (ICS) computers, according to Kaspersky's latest data. Kaspersky ICS-CERT reported that Southeast Asia ranked second globally by percentage of ICS computers where malicious objects were blocked in the first quarter (1Q) of 2025, while Central Asia ranked third and South Asia sixth. APAC Kaspersky managing director Adrian Hia said ICS computers in the region recorded a higher infection rate of 23 per cent in the second quarter of 2025, nearly three percentage points above the global average of 20.54 per cent. He noted that in 2Q 2025, a new wave of phishing was blocked on ICS computers in the oil and gas sector in APAC. "This time, known spyware families like FormBook, AgentTesla and Noon were directly attached to the emails. Kaspersky solutions blocked all these attacks," he told the Cyber Security Weekend 2025, here today. Citing ICS-CERT data, Hia said APAC is also among the top regions by virus detections, two to three times higher than the world average. The most affected industries include power energy, building automation, oil and gas, manufacturing, as well as ICS engineering and integration. Although viruses are often considered legacy threats, they can cause operations disruption in the event of an outbreak, and they drive up maintenance costs. Hia said the most affected APAC industries by virus threats in 2Q 2025 were power energy, building automation, oil and gas, manufacturing and ICS engineering and integration. "The most affected countries in terms of virus on ICS computers in 2Q 2025 were Vietnam, Afghanistan, China, Bangladesh, Pakistan, Myanmar, Laos, Cambodia, Indonesia and Nepal," he added. To counter the escalating threats to critical infrastructure, Kaspersky urged the adoption of a layered cybersecurity framework, anchored by an intelligence-driven Security Operations Centre (SOC). "This framework should start with prevention by using tools such as brand protection, attribution engines and compromise indicators, while also relying on incident response, penetration testing and cyber drills to minimise damage and accelerate recovery," Hia said. He added that integrating IT and operational technology (OT) security through centralised SOC systems with real-time visibility will be crucial to ensuring resilience as APAC industries move towards greater digital and operational convergence. "With IT and OT integration set to accelerate in the years ahead, cybersecurity strategies in APAC must continue evolving, bridging both domains to secure operations and ensure resilience in an increasingly connected world," he concluded.