Pipedream? Hackers Aim to Crash the Entire System By Chris Knight (Florida)

In this age of misinformation, almost all of it produced by the system to cover its tracks, what reports can be trusted? Still, if we acknowledge this uncertainty and proceed, there have been warnings that hackers, or rather advanced persistent threat actors, have developed a malware toolkit known as “Pipedream” to target industrial control systems such as power grids and oil refineries. Ransomware attacks hit Colonial Pipeline Inc. in the US in the middle of last year and succeeded in shutting down production, leading to a fuel shortage. The intelligence organisations claim that these unidentified threat actors are moving away from attacking IT and trying their hand at undermining operational systems. When the Ukraine War finally becomes a hot kinetic war between Russia and NATO, cyber-attacks will be common, and devastating for populations who live in urban nests or beehives, with no self-reliance.

https://techhq.com/2022/04/us-fed-warns-of-state-hackers-targeting-industrial-control-systems/

“A warning was issued on the grounds that certain advanced persistent threat actors have developed custom-made tools to gain full system access to multiple ICS and SCADA devices.

  • Known as Pipedream, the malware toolkit is said to be the most versatile tool ever made to target industrial control systems like power grids and oil refineries
  • The DOE, CISA, NSA, and the FBI are all urging critical infrastructure organizations, especially energy sector organizations, to implement the detection and mitigation recommendations provided to detect potential malicious APT activity and harden their ICS/SCADA devices


Industrial control systems (ICS) are essential for the steady functioning of critical infrastructures such as the energy and water grid or the manufacturing sector. Therefore, when an attack is launched on ICS, the consequences are often far-reaching, just like when a ransomware attack targeted Colonial Pipeline Inc. in the US mid-last year.

That attack brought the entire facility to a complete halt for a few days, which then inevitably caused an acute fuel shortage, while prices soared through the roof. It is unfortunate, though, that threat actors are increasingly shifting their focus from information technology (IT) to operational technology (OT), as ICS is often referred to.

This puts the critical industrial infrastructure owned by the state and private entities at high risk of destructive cyberattacks that can cause severe economic damage. Predictably, governments across the world can only urge private entities to toughen their critical infrastructure defenses—while taking steps to improve national cyberspace security.

Hence, in the US, the Department of Energy (DOE) alongside the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) yesterday to warn critical infrastructure owners of a tool developed by hackers to target ICS like power grids and oil refineries.

“DOE, CISA, NSA, and the FBI warn that certain advanced persistent threat (APT) actors have exhibited the capability to gain full system access to multiple ICS/supervisory control and data acquisition (SCADA) devices,” the statement reads. 

The tools, according to the officials, enable the threat actors to scan for, compromise, and control affected devices once they have established initial access to the OT network. “Additionally, the actors can compromise Windows-based engineering workstations, which may be present in information technology (IT) or OT environments, using an exploit that compromises an ASRock motherboard driver with known vulnerabilities,” they said.

By compromising and maintaining full system access to ICS/SCADA devices, DOE, CISA, NSA, and the FBI said APT actors could elevate privileges, move laterally within an OT environment, and disrupt critical devices or functions. Therefore, the CSA urges critical infrastructure organizations, especially energy sector organizations, to implement the detection and mitigation recommendations provided to detect potential malicious APT activity and harden their ICS/SCADA devices. 

The actions suggested include enforcing multi-factor authentication for all remote access to ICS networks and devices whenever possible; changing all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords, to mitigate password brute-force attacks and to give defender monitoring systems opportunities to detect common attacks; and leveraging a properly installed continuous OT monitoring solution to log and alert on malicious indicators and behaviors.
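As an added example (not part of the article or the joint advisory), this is the kind of behavioural rule a continuous OT monitoring solution could apply to network flow logs to catch the scanning stage described above, where an actor with initial access starts probing many ICS/SCADA devices; the flow records and the list of industrial protocol ports are constructed and illustrative.

```python
"""OT monitoring sketch: alert when one host contacts many distinct ICS/SCADA
devices on industrial protocol ports within a short window. Constructed example."""
from collections import defaultdict
from datetime import datetime, timedelta

# Illustrative industrial protocol ports (assumption, not taken from the advisory).
ICS_PORTS = {502: "Modbus/TCP", 102: "S7comm", 44818: "EtherNet/IP", 4840: "OPC UA"}

# Constructed flow log, one record per line: "timestamp src dst dport".
SAMPLE_FLOWS = """\
2022-04-13T10:00:01 10.1.5.20 10.1.9.11 502
2022-04-13T10:00:02 10.1.5.20 10.1.9.12 502
2022-04-13T10:00:02 10.1.5.20 10.1.9.13 102
2022-04-13T10:00:03 10.1.5.20 10.1.9.14 44818
2022-04-13T10:00:04 10.1.5.20 10.1.9.15 4840
2022-04-13T10:00:09 10.1.5.20 10.1.9.16 502
2022-04-13T10:05:00 10.1.7.2 10.1.9.11 502
2022-04-13T10:06:00 10.1.7.2 10.1.9.11 502
"""

def parse_flows(text):
    """Yield (ts, src, dst, dport) tuples; malformed records are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])
        except ValueError:
            continue

def detect_ics_scans(flows, threshold=5, window=timedelta(seconds=60)):
    """Return {src: peak} for every source whose peak count of distinct ICS
    devices reached on industrial ports within any sliding window >= threshold."""
    hits = defaultdict(list)  # src -> [(ts, dst)] for industrial-port flows only
    for ts, src, dst, dport in flows:
        if dport in ICS_PORTS:
            hits[src].append((ts, dst))
    alerts = {}
    for src, events in hits.items():
        events.sort()
        start, peak = 0, 0
        for end, (ts, _) in enumerate(events):
            while ts - events[start][0] > window:  # slide window start forward
                start += 1
            peak = max(peak, len({dst for _, dst in events[start:end + 1]}))
        if peak >= threshold:
            alerts[src] = peak
    return alerts
```

Running `detect_ics_scans(parse_flows(SAMPLE_FLOWS))` flags 10.1.5.20 (six devices in under ten seconds) while the host that polls a single PLC repeatedly is not reported.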

A rather shocking revelation from Kaspersky last year shows that around one in three ICS were targeted by malicious activity in the first half of 2021 (1H21), with spyware a growing threat. Of the 33.8% of ICS machines targeted in 1H21, internet-based threats dominated (18.2%), followed by those delivered via removable media (5.2%) and malicious email attachments (3%).

Although the total number attacked increased just 0.4% from the final six months of 2020, Kaspersky said the overall trend in recent years has been of surging threats to industrial systems, as IT and OT technologies increasingly converge.”


Friday, 27 December 2024