Important SCADA/ICS Attacks in History
SCADA and ICS are the most important cybersecurity issues in this decade. Although traditional IT is still saddled with a number of serious issues, including ransomware, the threat to SCADA/ICS systems extends far beyond the individual facility and the profit margins of the individual company. Below are the most impactful attacks, each with a simplified explanation:
Stuxnet: It used three zero-days in the Microsoft Windows operating system to enter the system and then overwrote the ladder logic of the PLCs of the uranium centrifuges so that they could not precisely enrich the uranium at the proper concentration. It is still one of the most sophisticated SCADA/ICS attacks to this day and a model of just how targeted and malignant SCADA/ICS attacks can be.
Triton/Triconex: This malware infects the safety control systems (SIS) built by Schneider Electric that are designed to shut down a facility in the event of an accident or other dangerous event. This malware is most noteworthy because it shows the danger of SCADA/ICS attacks in a cyberwar scenario that could lead to the loss of millions of lives.
BlackEnergy3: BlackEnergy 3 was Microsoft Office macro malware that used a vulnerability. This attack was eventually used to compromise the Human Machine Interface (HMI) and then control the breakers that control the electrical grid.
Shamoon: Unlike other SCADA/ICS attacks that target industrial operations, Shamoon targeted the information on the facilities' computers. This is unusual, as most SCADA/ICS attacks target the industrial operations and PLCs within the system that controls operations.
New York Dam: Hackers were able to access a small dam in New York State in the US. It appears to have been a test to see what they could access, and there was little or no damage. The attackers accessed the SCADA controls through an Internet connection via a cellular modem.
German Steel Mill: The attackers were able to access the industrial control systems and caused multiple failures among these systems. The attackers had an intimate knowledge of the steel mill operations and the industrial control systems that managed it. This steel mill narrowly skirted disaster.
SCADA/ICS systems are among the most critical systems to any economy but are the least secure. Any modern warfare will assuredly include an element of cyber war that will attempt to cripple these industries and hamstring the economy of the target. Many of these attacks go unreported, but from those that are reported we can gain a glimpse of what these attacks might look like.
Technical Specialist (ICS/OT Cybersecurity) @ ABB
2 years ago
Good one Sourabh Suman for collecting all major incidents and creating awareness. But still the sad part is that even after looking into the trend and data of increasing cyber threats to critical infra, people still believe the attacker's first priority is IT only, that the critical infra threat either does not exist or is negligible, or that just some basic cyber security solution is enough. But I believe it's now very important to accept that malicious persons also have very good command and skills to exploit ICS, and for them it's become the first priority to exploit this, either for self-satisfaction or to destroy any country's basic needs.
Information Security Enthusiast || ICS/OT Security Aspirant || Lifelong learner
2 years ago
Loved this article... Stuxnet and Shamoon (rightly stated that the attackers did not target the SCADA systems in it) was something I was aware of... Thanks for sharing the rest...