Addressing the OT-IT Risk and Asset Inventory Gap

Cyber-espionage and exploitation by nation-state-sanctioned actors have become more prevalent in recent years. One recent example is the SolarWinds attack, which was attributed to nation-state actors with alleged Russian ties.


There are suspicions that sensitive information has been stolen from victims of the SolarWinds attack, such as Black Start, the Federal Energy Regulatory Commission’s plan to restore power after a grid blackout.


Attacks on critical infrastructure have grown more common since 2010, starting with the first nation-state cyber-physical attack, the one on the Natanz Nuclear Enrichment Facility (aka Stuxnet). The attack changed critical process parameters such as the RPM of the centrifuges and hid these changes from the system operators, causing random centrifuge failures and significantly delaying Iran's uranium enrichment process. It was followed by the blackouts caused by the attacks on the Ukrainian grid in 2015 and 2016.


Critical infrastructure is now a prime target in the context of global cyber warfare. Operational technology (OT), the backbone of industrial automation, has become less segmented because equipment is addressable from the internet or receives services from the internet, such as software updates.


With the introduction of remote access and remote vendor support comes a much larger attack surface for the OT group, which traditionally didn’t handle IT security and advanced threats. While the Stuxnet attack destroyed centrifuges and may have delayed Iran’s nuclear program, other compromises can cause serious environmental impacts, injuries, and even loss of life. While ..