Embedded devices across the financial, medical, and retail sectors—including ATMs and point-of-sale systems—are increasingly facing sophisticated cyberattacks once reserved for high-profile targets. To address the rise in complex tactics, Kaspersky has released a significant update to Kaspersky Embedded Systems Security (KESS). The update focuses on expanding behavioral analysis and reinforcing protection layers specifically for low-power and legacy hardware that may lack the resources for traditional endpoint security.
The core of this release is an enhanced behavioral analysis engine. This technology powers several critical subsystems: Automatic Exploit Prevention, a Remediation Engine, and an improved Anti-Cryptor. These tools are designed to detect evasive threats that bypass static detection or standard hardening-based countermeasures. The goal is to provide embedded devices with the same level of protection mechanisms typically found on full-scale workstations.
Specific to the hardware challenges of embedded environments, the update introduces BadUSB attack prevention. This feature blocks malicious USB devices that attempt to mimic keyboards or human-input peripherals to execute unauthorized commands. Additionally, KESS now includes a proprietary application-level firewall, allowing organizations to control how embedded applications communicate with external peers and reducing the surface area for suspicious network interactions.
For ease of monitoring, a new “traffic-light” Security Level Indicator has been added. This provides operators with an instant visual cue regarding a device’s security posture, identifying when further adjustments are necessary.
KESS is designed to support high-diversity device fleets, ranging from very old, low-performance hardware to modern, more powerful systems. It operates in low-bandwidth environments and minimizes cloud reliance. Through an opt-in approach, organizations can choose to apply pure hardening for legacy devices or full-spectrum security for newer hardware, all managed through a unified ecosystem with consistent policies.
“Embedded systems are no longer isolated or too limited to be worth targeting. They face the same sophisticated threats as traditional endpoints, but protecting them requires addressing their specific constraints,” says Oleg Gorobets, Cybersecurity Expert at Kaspersky. “This updated solution gives organizations stronger, smarter, more flexible protection while keeping operational complexity low. As embedded infrastructures continue to grow, so does the need for security that is both lightweight and deeply effective – and this KESS update delivers exactly that.”
