Kaspersky’s latest report reveals that 40 percent of global industrial control system (ICS) computers were attacked with malware in 2022. In Africa, the figure rises to 47 percent, with Ethiopia experiencing the highest attack rate at 62 percent, followed by Algeria (59 percent) and Burundi (57 percent). Rwanda (46 percent), Kenya (41 percent), Nigeria and Zimbabwe (both 40 percent), Ghana (39 percent), Zambia (38 percent), and South Africa and Uganda (both 36 percent) complete the list of the most affected African countries.
The firm explained that the continent faces a rapidly growing threat landscape that impacts both public and private sector entities, especially those in critical sectors such as energy. Kaspersky’s Middle East and Africa tech expert and consultant, Brandon Muller, warned that “one infected USB drive or a single spear‑phishing email is all it takes for cyber criminals to bridge the air gap and penetrate an isolated ICS network.” He added that traditional security measures are insufficient to protect industrial environments from evolving cyber threats. As attacks on critical infrastructure increase, selecting the right approach to secure systems has never been more important.
Despite advances in modern cybersecurity solutions, human error remains a significant factor in compromising ICS systems. Kaspersky therefore advises utility companies, mines, and other industrial operators to adopt a more proactive stance and build a “human firewall.” The company defines ICS as a collection of personnel, hardware, and software that influence the safe, secure, and reliable operation of an industrial process. In this environment, information technology (IT) is one component, while operational technology (OT) is another key element.
Traditional cybersecurity solutions focus on data‑oriented businesses, whereas ICS protection targets OT security for cyber‑physical companies such as utilities, mining, and manufacturing. Effective OT cybersecurity measures should include industrial endpoint protection to prevent accidental infections and deter motivated intrusions, OT network monitoring and anomaly detection to identify malicious actions at the level of programmable logic controllers, and dedicated expert services to investigate infrastructure, conduct advanced analytics, and mitigate the impact of incidents.
Comments are closed for this story.