Hello, Guest!

Cybersecurity

US Agencies Warn Against New Hacking Tool That Affects ICS/SCADA Devices

Cybersecurity warning

US Agencies Warn Against New Hacking Tool That Affects ICS/SCADA Devices

Four federal agencies have warned organizations about a new tool that could allow hackers to penetrate devices used in industrial control systems.

According to the joint warning, an unnamed advanced persistent threat actor designed the tool, dubbed “PIPEDREAM,” that can give actors full system access to industrial control systems/supervisory control and data acquisition devices. The devices include programmable logic controllers from Schneider Electric and Omron and servers from Open Platform Communications Unified Architecture.

Critical infrastructure owners, especially those operating in the energy sector, are urged to look out for the usage of the tool.

The warning was jointly issued by the FBI, the National Security Agency, the Department of Energy and the Cybersecurity and Infrastructure Security Agency, FCW reported.

The agencies said the tools have a modular architecture that allows cyber actors to conduct automated exploits. The application also has a virtual console with a command interface that replicates target ICS/SCADA devices, which allows even lower-skilled hackers to carry out sophisticated attacks.

According to the agencies, the tool allows hackers to scan for, compromise and control affected devices once they establish initial access to the operational technology network. Actors can also affect Windows-based workstations.

Other things that the tool can do is elevate privileges for hackers, allow infiltrators to move laterally within an OT environment and disrupt devices or functions.

The agencies recommend that organizations with ICS/SCADA devices use stronger perimeter controls for their devices and limit incoming or outgoing communications.

Other recommendations include the usage of multi-factor authentication, constant password changes and the execution of integrity checks on firmware and controller configuration files.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity