The newly observed tactics and techniques allow lower-skilled actors to deploy more sophisticated operations, according to the alert.

Following the joint alert, ICS security vendor Dragos provided more information in a threat report Wednesday, which referred to the new malware as "Pipedream." Dragos attributed Pipedream to a threat group it calls "Chernovite," which the company has tracked since 2021 and noted "unique tool development" as one of its identifiers. One exploit takes advantage of flaws in an ASRock motherboard driver that would enable actors to "compromise Windows-based engineering workstations, which may be present in information technology (IT) or OT environments." "The APT actors' tools have a modular architecture and enable cyber actors to conduct highly automated exploits against targeted devices," the alert said. Attacks could lead to the disruption of "critical devices or functions," according to CISA. The alert named Schneider Electric programmable logic controllers, Omron Sysmac NEX PLCs and Open Platform Communications Unified Architecture servers as targets of the new ICS malware.

After establishing initial access in an operational technology (OT) network, the new tools enable actors to scan for, compromise and control those devices.