Islamabad (GNP): A newly released Kaspersky ICS CERT report reveals that nearly one in five industrial control systems (ICS) worldwide had malicious activity blocked in the first quarter of 2026, with the figure reaching 19.6% globally. Kaspersky’s security solutions intercepted malware from over 10,000 distinct families across industrial automation systems during the period.
Regional variation was significant, with the proportion of attacked ICS computers ranging from a high of 27.4% in Africa to a low of 9.1% in Northern Europe. Notably, attacks targeting the manufacturing sector rose across several regions compared to the previous quarter, with both Europe and Asia recording increases.
Looking at cross-sector trends, five regions registered a quarter-on-quarter rise in the share of ICS computers targeted in Q1 2026 — Southern Europe, Russia, Northern Europe, Canada, and Africa.
Among industry segments, biometric systems recorded the highest rate of blocked threats, with 26.4% of such systems affected. The report attributed this vulnerability to the fact that biometric systems typically maintain internet connectivity, handle email traffic, and often operate with minimal cybersecurity controls. Southern Europe led regionally for biometric system attacks at 35.15%, followed by Africa at 29.58% and Central Asia at 28.53%.
Within the manufacturing sector specifically, Southeast Asia topped the regional breakdown with 23.21% of ICS computers attacked, ahead of Africa at 21.36% and South Asia at 20.13%.
Evgeny Goncharov, Head of Kaspersky ICS CERT, highlighted the structural vulnerabilities driving these trends. He noted that outdated operational technology remains deeply entrenched in manufacturing environments, widening the attack surface.
He also pointed to the complexity of modern supply chains and trusted partner networks as factors that extend exposure well beyond a facility’s own network perimeter. “Attackers are realizing that targeting OT assets of an industrial enterprise is not rocket science, which is why factory shutdowns bring massive financial losses,” he warned.
The full findings are available on the Kaspersky ICS CERT website.
Also Read: Justice Grows Stronger with Women’s Leadership, Van Nguyen
To strengthen the protection of operational technology environments, Kaspersky recommends that organisations conduct regular security assessments of OT systems to identify and address vulnerabilities before they can be exploited. Building a continuous vulnerability assessment and triage process is advised as a foundation for effective risk management.
Specialised solutions such as Kaspersky Industrial CyberSecurity can provide actionable intelligence beyond what is publicly available. For threat detection and incident response, the use of endpoint detection and response tools such as Kaspersky Next EDR Expert is encouraged, alongside dedicated OT security training for both IT security personnel and operational staff to sharpen capabilities in threat prevention, detection, and response.
