Trend Micro
Legacy malware had the most detections in India, China, the US, and Taiwan. For coinminer, Equated malware, and WannaCry, India had the most detections. On the other hand, Japan had the most Emotet infections, while ICSs in Germany had the most adware incidents.
Through this extensive research, we found several malware threats that pose a great risk to ICSs. By identifying these threats, we can now determine various steps that your enterprise can take to better secure your industrial control systems.
But what does this information mean? This tells us several things:
Ransomware remains a major concern and a rapidly evolving threat to ICSs across the globe; coinminers affect ICSs mostly through unpatched operating systems; Conficker continues to propagate on ICS endpoints running newer operating systems; legacy malware still affects IT/OT networks; and the malware detected on ICS endpoints varies between countries.
Based on the detection data, we can conclude that modern malware such as the threats we discussed affects ICSs. It means that both modern techniques like fileless malware and hacking tools and age-old methods like removable drive autorun can successfully infect ICS endpoints.
The stakes are also higher for some attacks.