Cyber security specialist Dragos has revealed that at least ten industrial plants – seven of them in the US – have had bogus Siemens software running in their systems for the last four years. As yet, it’s unclear what the purpose or effect of this crimeware might be. Spooky? You bet.
Internet Connection Sharing (ICS) has increased the possibility of cross contamination between Information Technology and Operational Technology in an industrial context. So far, ICS’s security options have failed to keep pace with other IT networks, its complexity meaning that many network security solutions aren’t viable for ICS.
Researchers believe that as many as 3,000 industrial sites are infected by malware each year, with this latest discovery only highlighting the potential of further unidentified infections. While generally low level and relatively harmless, it still has the potential to do serious damage by giving attackers access to confidential and sensitive data, and insights into how a system operates.