CISA Warns of Cybercriminals Targeting Industrial Control Systems

Multiple United State government agencies including The Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have provided an advisory warning of potential attacks from advanced persistent threat (APT) groups targeting industrial control systems. The agencies report the attackers have demonstrated the capability to obtain full system control of industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices. As identified by CISA, devices at risk include Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open Platform Communications Unified Architecture (OPC UA) servers. Although prevented, Sandworm recently targeted a Ukrainian energy provider on April 8th, 2022 with industrial malware, Industroyer2.