
Advanced Industrial Malware Could be Inside Our Critical Infrastructure

The world’s most advanced industrial malware, called PIPEDREAM, is designed to go after industrial control systems in places like power plants, and it may already have infiltrated some critical infrastructure control systems, waiting to unleash who knows what.

Global business advisory firm Ankura said that they are concerned that PIPEDREAM cannot be stopped by patching.

Industrial cybersecurity firm Dragos said that PIPEDREAM represents a breakthrough escalation in capabilities.

It works across industries, targets native functionality in industrial protocols, and can attack a wide variety of devices.

Dragos’ CEO said in February that the Russian hacking group Chernovite attempted to use PIPEDREAM to take down around a dozen US electric and liquid natural gas facilities. This is the closest, he said, to seeing U.S. infrastructure go offline.

While PIPEDREAM currently targets the Schneider Electric and OMRON controllers used in the energy sector, it would not be hard to modify it to attack other protocols and devices.

Potentially, the malware could be extended to pose a danger to all critical infrastructure including power, factories, water utilities and oil refineries.

Since critical infrastructure like power plants did not recognize the risk until very recently, they are definitely playing catch-up. The processes we use to protect business systems cannot be directly used to protect industrial control systems. In addition, it will cost billions to fix the problem, and nobody has a checkbook big enough to do that. That means that the hackers have the edge.

Credit: SC Media
