The Cat Photo That Disabled Production: The Rise of Steganography-Based OT Cyberattacks

  • First and foremost, economic espionage
  • Secondly, they could be used to gain deep insight into software/hardware design and to find zero-day vulnerabilities that can then be exploited in attacks against enterprises that use these products
  • Thirdly, one of the major and more common techniques for highly skilled hackers is to embed malware or a backdoor in this type of product for later use at its deployments (as was the case with CCleaner and NotPetya)
  • Finally, the stolen suppliers’ credentials can be used for initial access into their customers’ networks during periodic maintenance and service (as in the famous “Cloud Hopper” campaign)

Prevention and Mitigation

  • Network segmentation and segregation: one of the key structural changes all industrial organizations should implement is maintaining separation between operational and IT networks using firewalls and DMZs
  • Human/social engineering: this activity involves training employees on what steganography and phishing attacks are, what to look for in illegitimate emails, and the procedures for reporting to the IT department; some organizations actually hold phishing-prevention exercises for holders of senior or sensitive positions, and even penalize employees for not following email safety guidelines
  • Detection by an IDS: while files containing hidden malware can’t always be detected prior to human activation, Intrusion Detection Systems (IDSs) such as Radiflow’s iSID are able to detect minute changes in network behavior that indicate the triggering and the propagation of malware, such as connecting to a previously unused hosting server, opening new external connections, and/or unusual data traffic patterns
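
The baseline-and-deviation idea in the IDS bullet above, as an added example; it is not the article's code and does not represent how Radiflow's iSID works internally. The plant address plan, the flow records, the alert names and the volume threshold are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

PLANT_NETS = [ipaddress.ip_network("10.10.0.0/16")]  # assumed OT address plan

# Constructed flow records (src, dst, bytes_out); not from any real network.
BASELINE = [
    ("10.10.1.20", "10.10.1.5", 1200),    # HMI -> PLC polling
    ("10.10.1.20", "10.10.1.5", 1350),
    ("10.10.1.20", "10.10.2.8", 900),     # HMI -> historian
    ("10.10.1.30", "10.10.2.8", 4000),    # engineering station -> historian
    ("10.10.1.30", "10.10.2.8", 4200),
]
OBSERVED = [
    ("10.10.1.20", "10.10.1.5", 1300),    # normal polling
    ("10.10.1.30", "203.0.113.45", 800),  # destination outside the plant, never seen
    ("10.10.1.30", "10.10.1.5", 600),     # internal peer this host never talked to
    ("10.10.1.20", "10.10.2.8", 250000),  # known peer, far above learned volume
]

def is_external(ip):
    """True when the address is outside every assumed plant network."""
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in PLANT_NETS)

def learn(flows):
    """Per source host: each peer seen and the largest transfer sent to it."""
    peers = defaultdict(dict)
    for src, dst, nbytes in flows:
        peers[src][dst] = max(peers[src].get(dst, 0), nbytes)
    return peers

def detect(baseline, flows, volume_factor=5):
    """Flag first-seen peers and transfers well above the learned maximum."""
    alerts = []
    for src, dst, nbytes in flows:
        known = baseline.get(src, {})
        if dst not in known:
            kind = "NEW_EXTERNAL_DST" if is_external(dst) else "NEW_INTERNAL_PEER"
            alerts.append((kind, src, dst))
        elif nbytes > volume_factor * known[dst]:
            alerts.append(("VOLUME_SPIKE", src, dst))
    return alerts

if __name__ == "__main__":
    for alert in detect(learn(BASELINE), OBSERVED):
        print(*alert)
```

Because OT traffic is highly repetitive, a learned peer list per host stays small, which is what makes a first-seen destination a meaningful signal there.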

Conclusion


The International Society of Automation (isa.org) is a non-profit professional association founded in 1945 to create a better world through automation.

International Society of Automation - ISA Official
