Risk of cyberattacks on the ICS system
According to a new Kaspersky ICS CERT report released on the afternoon of July 10, in the first quarter of 2026, the rate of industrial control systems (ICS) being attacked detected and prevented by Kaspersky reached 19.6% globally.
The security solutions of this cybersecurity company have detected and prevented threats from 10,052 different malware families on industrial automation systems.
Overall in all industries, there are 5 regions recording an increase in the rate of industrial control systems (ICS) computers being attacked in the first quarter of 2026 compared to the previous quarter. These are Southern Europe, Russia, Northern Europe, Canada and Africa.
In the manufacturing industry, Southeast Asia ranks first among regions in terms of the rate of ICS computers being cyberattacked (23.21%), followed by Africa (21.36%) and South Asia (20.13%).
Mr. Simon Tung, General Director in charge of ASEAN and Emerging Markets (AEC) region of Kaspersky said: "The fact that Southeast Asia leads the world in the number of cyberattacks targeting manufacturing industries is sounding a strong alarm bell.
Factories in the region are increasingly accelerating the digital transformation process, which makes them a major target for cybercrime. The ICS system is the backbone of the economy, and just one intrusion incident can seriously disrupt production activities, leading to heavy financial losses.
Businesses cannot just stop at protecting traditional information technology (IT) systems, but need to urgently deploy specialized security solutions, strong enough to protect the operating technology environment”.
Advice
To protect computers in the OT (operating technology system) environment from many different types of threats, Kaspersky experts recommend:
- Regularly assess the safety level of OT systems to detect and promptly fix potential network security vulnerabilities or risks.
-Establishing a continuous security vulnerability evaluation and classification process, as a foundation for effective vulnerability management. Using specialized solutions, to be able to provide businesses with in-depth and practical information that is difficult to find from public sources.
- Promptly update important components of the OT network in the business. The deployment of security patches, bug fixes or the application of risk reduction measures as soon as technical conditions permit is a key factor to prevent serious incidents that could cause businesses to lose millions of USD due to production disruptions.
- Improve the ability to respond to new and increasingly sophisticated attack techniques by strengthening the skills of the team in preventing, detecting and responding to incidents.
In-depth training programs on OT security for IT security personnel and OT operating teams are one of the important measures to achieve this goal.
- To build proactive cybersecurity defense capabilities, businesses need to continuously update the developments of the current threat context, and at the same time overcome weaknesses that other organizations have encountered before they were exploited by bad actors in their own infrastructure.
