Cybersecurity firm Kaspersky has identified the primary factors contributing to advanced persistent threat (APT) attacks in industrial sectors. The first of them, discussed in a new report published today, is the absence of isolation in operational technology (OT) networks. Kaspersky experts have observed instances where engineering workstations are connected to the IT and OT networks. This dependence on network configuration for isolation can be manipulated by skilled attackers, allowing them to manage malware traffic or infect seemingly isolated networks. “In situations where the OT networks’ isolation solely relies on the configuration of networking equipment, experienced attackers can always reconfigure that equipment to their advantage,” explained Evgeny Goncharov, head of the industrial control systems cyber emergency response team at Kaspersky. The human factor also remains a significant driver of cyber-criminal activities in industrial settings, according to the report, with employees or contractors frequently being given access to OT networks without adequate attention to information security measures. Remote administration tools, such as TeamViewer or Anydesk that were intended to be temporary may continue to run unnoticed, making it easy for attackers to gain entry.