Numerous US government agencies issued a joint notice on Wednesday, warning of the discovery of malicious cyber tools produced by undisclosed advanced threat actors that were capable of getting “full system access” to multiple industrial control systems.
The joint notice was uploaded on the website of the National Security Agency (NSA) and the Cybersecurity & Infrastructure Security Agency (CISA).
NSA, the Federal Bureau of Investigation (FBI) and the Energy and Homeland Security departments issued the public alert without naming the players and there aren’t any details about the discovery.
The threat actor targeting numerous industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices were the subjects of the combined Cybersecurity Advisory (CSA).
Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open Platform Communications Unified Architecture (OPC UA) servers were also targeted, according to the joint notice.
“The tools enable them to scan for, compromise, and control affected devices once they have established initial access to the operational technology (OT) network,” a portion of the joint notice read.
To detect potential hostile APT activity and harden their ICS/SCADA devices, the Department of Energy (DOE), CISA, NSA, and FBI urged critical infrastructure organizations, particularly those in the energy sector, to apply the detection and mitigation recommendations offered in the CSA.
© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.