We’ve seen a period of people doing a lot of reconnaissance of control systems. You see a lot of breaches of companies in the resources business – electric companies, oil and gas, chemical, and mining. That might sound alarming, but the breaches you are really seeing are not touching control systems at all.
The interesting thing about this is that the attacks are targeting very specific information in many of those environments. They have schematics of the control systems. So while they may not be actually touching the control systems, they’re interested in them.
When we think about trends and what we might see in the future, at some point that information is going to get used. Most businesses that use large critical infrastructure equipment don’t do a particularly good job of segmenting off the enterprise cloud that has malware.
Photo via Sam Churchill
Interesting topic to touch upon. I work SCADA and old school hardwired relays to equipment. I have experience in the newer tech that allows for controls to be manipulated via IP. Not cool to have equipment start/stop without being notified by a coworker that is offsite.
Boots on the ground, proper and consistent training and protocols make the difference. You have to have a mole on the inside for things to go wrong in a way to count.