Kaspersky has published its report on the ICS Threat Landscape for H2 2020, revealing an increase in ransomware attacks on ICS computers. The report is based on statistical data gathered by the distributed antivirus Kaspersky Security Network.

What’s in the report?

The data analyzed by the researchers is provided by ICS computers that are hosted in networks of industrial infrastructures, running Kaspersky security products.
  • Around 33.4% of ICS computers were targeted by some cyberattack in the second half of 2020, a 0.85% increase compared to H1.
  • In H2 2020, the ICS computers hit by attackers increased in comparison to H1, in 62% of countries. Between H1 2020 and H2 2019, the growth was 7%.
  • Saudi Arabia recorded the maximum growth (8.2%) in the number of attacks. Globally, ICS computers targeted by ransomware dropped from 0.63% in H1 2020 to 0.49% in H2 2020. 
  • However, experts observed an increase in ransomware attacks in several countries including Western Europe (0.13%), Australia (0.23%), the U.S., and Canada with a 0.25% increase.

Additional insights

Although the report suggests a drop has been observed in the ransomware attacks on ICS computers, the adverse effect is represented by an increase in such attacks mostly in developed countries.
  • In 2020, Kaspersky blocked ransomware infection attempts on 0.77% of ICS devices. Moreover, in terms of the percentage of ICS computers targeted by cyberattacks, Asian countries lead the count in comparison to the rest of the world.
  • In 2020, the ICS computers on which Kaspersky blocked malicious objects were around 38.6%, (a decrease of 7.8% than in 2019). Additionally, experts did not observe any seasonal changes in cyberattacks.


The recent attack trend indicates the reaction of cybercriminals toward the economic consequences of the pandemic. In countries where organizations were badly hit and unstable in running businesses, they faced fewer attacks than organizations with financial stability—mostly developed countries.

Cyware Publisher