"Pipedream Malware Can Disrupt or Destroy Industrial Systems"

According to a report by the industrial cybersecurity company Dragos, the Chernovite threat group developed a new modular malware called Pipedream to target Industrial Control Systems (ICS). This toolkit is capable of launching disruptive and destructive attacks against tens of thousands of critical industrial devices, posing a significant threat to organizations tasked with managing the electrical grid, oil and gas pipelines, water systems, and manufacturing plants. According to the Dragos report, Pipedream, a modular ICS attack framework created by Chernovite developers, is the seventh known ICS-specific malware. Pipedream is the first ICS/Operational Technology (OT) malware to be disruptive and destructive across multiple industries. Its existence is evidence that industrial adversarial capabilities have significantly increased. The Chernovite group possesses a greater scope of ICS-specific knowledge than other threat actors. The demonstrated ICS expertise in Pipedream includes the ability to disrupt, degrade, and potentially destroy physical processes in industrial environments. Dragos is confident that a state actor created Pipedream with the intention of using it for future disruptive or destructive operations. The capabilities of Pipedream provide an adversary with various options for discovering a target's OT network architecture and identifying its assets and processes. This article continues to discuss the Pipedream malware, the increase in ransomware attacks against industrial organizations, and five critical controls for strong ICS/OT cyber defense.  

Security Intelligence reports "Pipedream Malware Can Disrupt or Destroy Industrial Systems"