Losing control: Critical infrastructure

So what can attackers accomplish once they are inside? The threat of outsiders with sophisticated malware targeting critical infrastructure has grown markedly in recent years. Last August, data-wiping virus Shamoon rendered 30,000 computers at the Saudi Arabia-based oil company Saudi Aramco unusable. A few months later, officials at Chevron confirmed that the U.S. oil company was hit by Stuxnet in 2010, a worm – believed to be the creation of the United States and Israel – that was originally designed to target only Siemens SCADA systems being operated within nuclear enrichment facilities in Iran. 

In October, ICS-CERT alerted the ICS sector of increased attack interest shown by malicious groups, like hacktivists. The threat report warned that these groups were using specialized search engines to identify internet-facing ICS devices as potential targets for attacks. The finding came after a security research company released hacking techniques for targeting programmable logic controllers (PLCs), computer-based hardware used to automate industrial monitoring and control processes. The exploit tools were meant for PLCs made by General Electric, Rockwell Automation, Schneider Electric and Koyo Electronics.