Over the last decade, the frequency and sophistication of industrial cyberattacks have evolved remarkably.
Prior to the year 2000 and the related Y2K concerns, cyberattacks were much less frequently reported and less sophisticated, and generally involved breaking into computers by cracking the passwords. In the past decade, the attacks have become more sophisticated, involving ransomware, malware injected denial of service attacks, data spoofing, and so on. Increased coordination and the formation of botnets of up to 100,000 nodes paints a bleak picture as to what to expect in the future. Nation state actors and cyber criminals backed by major funding are in a position to exploit a nation's social, financial, and critical infrastructures.
The cybersecurity for the C-Level fact sheet (DHS-NCCIC) from the Department of Homeland Security (DHS) entreats industrial enterprise leaders to prioritize cybersecurity strategies in increasingly connected industry environments. It highlights the growing rate and sophistication of malware attacks, citing Havex and BlackEnergy as examples. Havex, which operates as a Remote Access Trojan (RAT), can inject unauthorized control commands onto ICS/SCADA devices and cause denial of service in critical infrastructures (for example, water, and energy); BlackEnergy, another Trojan-type bug, can compromise HMI software to gain access to control systems: