Kaspersky ICS CERT Unveils Forecasts for 2025

Kaspersky’s Cybersecurity Predictions for Industrial Control Systems in 2025

Kaspersky Industrial Control Systems Cyber Emergency Response Team (ICS CERT) has outlined its cybersecurity predictions for 2025. There will be a growing need to protect both innovative and legacy systems, all while navigating the landscape of geopolitical tensions, sanctions, and trade barriers. Careful technology vendor choice by industrial enterprises will also be key to ensuring resilient operations.

ICS predictions are part of the Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts in the cybersecurity world. A year ago, Kaspersky predicted multiple ICS threat developments for 2024 which came true. Ransomware has become a serious threat to industrial enterprises, with cybercriminals targeting high-value organizations, unique product suppliers, and major logistics companies. In addition, geopolitically motivated hacktivism has persisted, adding complexity to the threat landscape.

With these risks remaining relevant, Kaspersky highlights six new developments that industrial enterprises should watch out for in 2025.

1. Growing risks of innovative tech being stolen from industrial enterprises

While innovations are transforming businesses and driving a new technological revolution, this surge also attracts cybercriminals who target research institutions and technology-leading enterprises to steal valuable technical information. Industrial enterprises are particularly vulnerable, as sensitive data is often more at risk on their “shop floor” or in their supply chains than in their research labs. Protecting operational technology (OT) assets to counter these growing threats in the coming year requires increased awareness and robust cybersecurity measures.

2. Intentionally created barriers and sanctions expose operational technology to additional threats

Geopolitical tensions, sanctions, and artificial barriers to accessing advanced technology are driving violations of intellectual property rights. This creates security risks for OT developers and suppliers, as the safeguards built into their products may no longer adequately protect their intellectual property. On the other hand, cracked software, third-party patches, and license workarounds further elevate cybersecurity risks for their customers by additionally exposing their OT environments to threats.

3. The adoption of new technologies leads to new cyber risks

Industrial enterprises are increasingly implementing innovations such as AI / machine learning, augmented reality, and quantum computing to enhance efficiency. AI-powered process control is already delivering billion-dollar gains in industries like non-ferrous metallurgy. These systems are becoming indispensable production assets, but they also introduce new cybersecurity challenges. Misuse of AI can lead to unintended data disclosures and other security risks that are hard to predict. Both AI systems and the unique enterprise data they rely on may become high-value targets for cyberattacks, with potential consequences like permanent data loss and production efficiency degradation. Meanwhile, attackers are themselves leveraging AI to develop malicious tools and improve social engineering tactics.

4. The use of time-tested tech leads to new cyber risks as well

In 2025 and beyond, time-tested systems like telecom equipment and industrial IoT devices may become targets of cyberattacks due to outdated security measures. Remote facilities that rely upon inexpensive network equipment are especially prone to exploitation. Additionally, the rise of Linux systems in OT environments introduces new challenges, as they may lack mature security solutions, and there are fewer skilled Linux cybersecurity professionals to safeguard them properly. Consequently, revising cybersecurity measures for legacy and time-tested technologies is essential.

5. Wrong equipment vendor choice means higher risk

Vendors that underinvest in cybersecurity expose their clients to significant risks. Long and complex supply chains, often involving smaller niche providers, make things extremely hard to manage. Additionally, industrial enterprises frequently develop unique automation solutions in-house or through affiliates, often with inadequate security measures. These factors amplify risks in 2025, making the supply chain and custom equipment easy targets for cyberattacks. Selecting reliable vendors that adhere to high security standards is crucial.

6. Security by obscurity will not work in 2025 for OT infrastructures

The proliferation of open source tools for industrial automation has simplified the task of attacking critical production assets. Industrial enterprises, while improving automation and documentation, inadvertently make it easier for attackers to craft sophisticated attacks on production assets once persistence within the victim network has been achieved. In 2025, targeted cyber-physical operations will be significantly easier to implement than a few years ago. Attackers now have access to tools and information that dramatically decrease the need for industry-specific expertise.

“The evolving cyberthreats, from AI-driven attacks to vulnerabilities in new and legacy technologies, pose significant risks to industrial enterprises in 2025. Cybercriminals are increasingly targeting supply chains, operational networks, and trusted partners, making no part of an organization’s ecosystem 100% secure. To counter these risks, industrial enterprises must prioritize proactive cybersecurity measures, carefully explore vendor and supply chain security, and continuously educate their teams – both regular employees and cybersecurity professionals,” commented Evgeny Goncharov, head of Kaspersky ICS CERT.


Kaspersky Predicts Cybersecurity Landscape for Industrial Enterprises in 2025

As industrial enterprises brace for the future, Kaspersky’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) has unveiled its cybersecurity predictions for 2025, highlighting a landscape fraught with challenges and evolving threats. The insights, part of the Kaspersky Security Bulletin, underscore the urgent need for robust cybersecurity measures amid rising geopolitical tensions and the complexities of modern technology.

With cybercriminals increasingly targeting high-value organizations, Kaspersky warns of a growing risk of innovative technologies being stolen from industrial enterprises. Sensitive data, often more vulnerable on the shop floor than in research labs, necessitates heightened awareness and protective measures. Additionally, geopolitical sanctions and barriers are exposing operational technology (OT) to new threats, as intellectual property rights violations become more common.

The adoption of cutting-edge technologies like AI and quantum computing, while enhancing efficiency, introduces new cyber risks. Kaspersky emphasizes that these systems, along with legacy technologies, require updated security protocols to fend off potential attacks. The reliance on outdated equipment, particularly in remote facilities, further complicates the cybersecurity landscape.

Vendor selection is also critical; choosing suppliers that prioritize cybersecurity can mitigate risks associated with complex supply chains. Kaspersky warns that security by obscurity will no longer suffice, as attackers gain access to sophisticated tools that simplify targeting critical production assets.

Evgeny Goncharov, head of Kaspersky ICS CERT, states, “The evolving cyberthreats pose significant risks to industrial enterprises in 2025. No part of an organization’s ecosystem is 100% secure.” He urges enterprises to prioritize proactive cybersecurity measures, scrutinize vendor security, and invest in continuous education for their teams.

As the clock ticks toward 2025, industrial enterprises must navigate this intricate web of threats to safeguard their operations and innovations.
