ICS/OT Cybersecurity Year in Review 2022

February 17, 2023

2022 Key Findings Overview

2022 saw a breakthrough escalation in capabilities by a new modular industrial control systems (ICS) malware, PIPEDREAM, developed by the threat group CHERNOVITE. CHERNOVITE’s PIPEDREAM toolkit has the capabilities to impact tens of thousands of industrial devices that control critical infrastructure – devices that manage the electrical grid, oil and gas pipelines, water systems, and manufacturing plants. The toolkit focuses on three software components with capabilities that impact over 51,000 industrial vendor systems. For industrial operators this can be viewed as a supply chain risk, as the methods target key vendor systems.

PIPEDREAM is the first reusable cross-industry capability that impacts native functionality in industrial protocols and a wide variety of devices. Dragos and our third-party partners discovered and analyzed its capabilities before it was employed. Malware development is shifting towards improving on the known and successful techniques used in earlier ICS cyber attacks. This accumulated knowledge may have informed PIPEDREAM’s malware framework, which is more robust and modular and most likely will inform CHERNOVITE and other adversaries’ malware development in the future.

The threats and ransomware attacks tracked by Dragos in 2022 show a continued increase. Highlights of these attacks by vertical industry include:

  • The first attacks against the mining and metals industries in the Australia and New Zealand (ANZ) region.
  • Continued targeting of renewable energy companies in the U.S. and the European Union (EU).
  • Increased attacks on energy, food and beverage, pharmaceuticals, chemicals, water and wastewater.
  • Accelerated attacks in electrical, manufacturing, oil and natural gas, and liquefied natural gas.

Russia’s Invasion of Ukraine

On February 25, 2022, the day after Russia invaded Ukraine, the ransomware group Conti declared that if a cyber attack or warfare were directed against Russia, Conti would use “all possible resources to strike back at the critical infrastructure of an enemy.”…

Price: FREE

About the Provider

Dragos
Dragos is the Industrial Cybersecurity expert on a relentless mission to safeguard civilization.
