ICS/SCADA Social Engineering Attacks

Introduction

ICS/SCADA systems are essential to the daily operations of utility companies and industrial manufacturers. Due to their importance, these vulnerable systems are targets for attack. These threats can have wide-reaching and devastating effects on the affected businesses and the community. 

There’s a common misconception that SCADA systems are difficult to attack and exploit because they’re so isolated. However, SCADA systems are victimized at an alarming rate, according to a recent report by Fortinet:

  • Among organizations that use SCADA or ICS, almost 60% experienced a data breach in the last year. Only 11% report that they have never experienced a breach.
  • 63% of organizations reported that the SCADA/ICS security breach affected the safety of their employees
  • A major impact on financial stability was reported by another 58% of organizations

With the SCADA market predicted to grow to $13.43 billion by 2022, we can expect the frequency and intensity of attacks to grow. 

Attacks by exotic cyberweapons like Stuxnet and Flame made headlines in the early 2010s and fostered a fear that similar weapons may be on the way. However, cybersecurity experts warn that attacks from run-of-the-mill sources like phishing campaigns are more likely and equally dangerous.

In this article, we’ll define some of the most common social engineering attacks used against ICS/SCADA systems. We’ll also discuss which groups are most likely to attack industrial control systems. 

Common threat actors 

Attackers targeting SCADA networks come in all shapes and sizes. Knowing who’s spearheading the attack will give you insight into the attacker’s motivation, goals and the resources they have at their disposal. It can also help administrators gauge the potential impact of the attack. Common threat actors include:

  • Hostile nations
  • Industrial spies 
  • Disgruntled employees
  • Terrorists 
  • Hackers 
  • Criminal groups
  • Hacktivists 

Common social engineering threats 

Cybersecurity (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Christine McKenzie. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/8PTu7E0TQdE/