In this session from SecurityWeek’s 2022 ICS Cybersecurity Conference, Mark Plemmons, Sr. Director for Threat Intelligence at Dragos, dives deep into the technical details and real-world impact on the modular ICS attack framework known as PIPEDREAM/Incontroller that can be used to disrupt and/or destruct devices in industrial environments. In April 2022, a joint advisory from the Department of Energy, CISA, NSA and the FBI warned that unidentified APT actors have created this suite of specialized tools capable of causing major damage to PLCs from Schneider Electric and OMRON Corp. and servers from open-source OPC Foundation.
Analysts believe the malware has not been deployed yet in the wild and that its operator likely plans on using it in future operations. Based on analysis, the framework has been designed to target equipment in electric power and liquified natural gas (LNG) facilities, but it could easily be adapted for other types of environments, as well as devices beyond Schneider and Omron PLCs.