Iran’s APT33 Hackers Are Targeting Industrial Control Systems

One of Iran’s most active hacker groups id targeting the physical control systems used in electric utilities, manufacturing, and oil refineries.

News Insights:

Adam Laub, CMO, STEALTHbits Technologies:

“Sadly, one can only hope – at least for the time being – that APT33’s or any other group’s focus on manufacturers and ICS-related industries is limited to reconnaissance and espionage. The damage of identity or IP theft would pale in comparison to the catastrophic failure of a power plant in the dead of winter or any number of unthinkable scenarios. In a world where there general public has grown largely desensitized to the daily occurrence of data breach, it’s likely that attacks on ICS would jolt us all back into reality.”

Ray DeMeo, Co-Founder and COO, Virsec:

There’s a common misconception that OT systems are less vulnerable to attack that IT systems. It’s not necessary to hack physical equipment to cause disruption or damage to industrial equipment. The control system (SCADA and others) are largely run on conventional Windows machines and vulnerable to a wide range of external, supply chain and insider attacks. We’ve seen repeatedly, with attacks from Stuxnet to Triton/Trisis, that fileless, and in-memory attacks can take hijack the control systems, and then easily bring down physical industrial equipment. The ICS industry needs a serious wakeup call to take these threats more seriously, and rapidly implement stronger security across their entire IT/OT stacks.