SCADA DEVICES? PAY ATTENTION TO PIPEDREAM
Pipedream Malware is Hacking Threat to Industrial & Critical Infrastructure
Last week, CISA, the Department of Homeland Security office charged with cybersecurity resilience, and the FBI released the most strident alert for industrial control systems to date. The alert calls out Programmable Logic Controllers (PLCs) in SCADA deployments as vulnerable to a new and powerful malware toolkit called Pipedream.
The devices at risk include:
- Schneider Electric programmable logic controllers (PLCs)
- OMRON Sysmac NEX PLCs
- Open Platform Communications Unified Architecture (OPC UA) servers
One of the independent companies charged with assessing the threat value dubbed the malware “The Swiss Army Knife of Hacking.”
And the bad news is it’s not just particular models: it’s ALL of them.
So how does Pipedream apply to me?
If you’re an OT manager, you probably have hundreds of legacy PLCs throughout your operational infrastructure. You may be under the impression that SCADA networks are secure because these systems are not directly connected to live IT-based networks. However, in many cases, nothing could be further from the truth.
Hackers sponsored by foreign governments now have the tools necessary to take control of the output elements of critical U.S. infrastructure. Due to the conflict in Ukraine, there is a heightened risk of cyber attacks, and the government’s biggest concern is that these controllers can be manipulated to open/shut municipal water and gas supply lines at facilities all across the country.
Imagine the gas being cut off to New York City. Or water being turned off to Los Angeles. This malware can “brick” PLCs, which could lead to catastrophic outcomes. So if you work in petrochemical, refining, natural gas, or municipal water, you need to inventory and remediate immediately.
Additionally, if you are in manufacturing, building services, automation, energy utilities, HVAC, or other industrial applications, it’s a good idea to get a scan, particularly if you service municipal or government supply chains. Any industrial site utilizing these controllers can be compromised in a variety of ways, including ransomware.
So what are the chances you have one of these devices? Quite good, if you work in any of the industrial sectors mentioned. We all appreciate this isn’t easy: the devices are small, the infrastructure is often vast, and the simple task of locating them is easier said than done.
So what do I do about it?
There is actually an easy-to-use solution. Cloudastructure’s GearBox is a tool designed specifically to scan, detect and inventory potential cybersecurity vulnerabilities in IoT devices such as PLCs. It’s plug and play and environmentally hardened for deployment in challenging outdoor environments. And because we’re genuinely worried about Pipedream, our GearBox team is offering a reduced rental rate of $2500 for a week so you can specifically scan for, detect, and receive a remediation roadmap for all at-risk PLCs.
GearBox also includes a free network analysis report so you can not only head off Pipedream hackers at the pass, but obtain valuable information on network performance.
Want to learn more about GearBox? We’re here to help.