Security News > 2020 > March > Public ICS Hacking Tools Make It Easier to Launch Attacks: FireEye
The cybersecurity firm told SecurityWeek that its Mandiant Intelligence team tracks nearly 100 tools that can be used to exploit vulnerabilities in ICS or interact with industrial equipment in an effort to support intrusions or attacks.
Of the ICS hacking tools tracked by FireEye - the company calls them ICS cyber operation tools - 28% are designed for discovering ICS devices on a network and 24% for software exploitation.
In terms of the ICS products covered by these modules, many target Advantech, Schneider Electric, Siemens, Cogent, GE, and ICONICS. Many of these ICS hacking tools have been developed by researchers and security practitioners, and they can be very useful for organizations looking to assess their security posture, but they can also make it easier for malicious actors to launch attacks on industrial systems.
"Although successful attacks against OT environments will normally require a high level of skills and expertise from threat actors, the tools and exploit modules discussed in this post are making it easier to bridge the knowledge gap," FireEye said in a blog post.
The company added, "Awareness about the proliferation of ICS cyber operation tools should serve as an important risk indicator of the evolving threat landscape. These tools provide defenders with an opportunity to perform risk assessments in test environments and to leverage aggregated data to communicate and obtain support from company executives. Organizations that do not pay attention to available ICS cyber operation tools risk becoming low-hanging fruit for both sophisticated and unexperienced threat actors exploring new capabilities."