Security News > 2020 > March > Widely available ICS attack tools lower the barrier for attackers
The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.
"As ICS are a distinct sub-domain to information and computer technology, successful intrusions and attacks against these systems often requires specialized knowledge, establishing a higher threshold for successful attacks. Since intrusion and attack tools are often developed by someone who already has the expertise, these tools can help threat actors bypass the need for gaining some of this expertise themselves, or it can help them gain the requisite knowledge more quickly," FireEye researchers point out.
Not unexpectedly, developers mostly concentrate on creating tools to target the most widely used solutions by the largest ICS original equipment manufacturers such as Siemens, Schneider Electric, GE, ABB, Digi International, Rockwell Automation, and Wind River Systems.
"Awareness about the proliferation of ICS cyber operation tools should serve as an important risk indicator of the evolving threat landscape," the researchers noted.
"Organizations that do not pay attention to available ICS cyber operation tools risk becoming low-hanging fruit for both sophisticated and unexperienced threat actors exploring new capabilities."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/MBk_7geHbWk/