Assessing Intent

There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS).

The reality is that hackers targeting ICS is nothing new. I am not clear on how these authors have determined that the intent of the hackers is to take over the power plants. There are multiple potential motives for the attacks. In some cases a hacker may simply want to have bragging rights. A hacker who wants to raise awareness of critically poor security might have another motive.  In the case of Stuxnet I have not seen any reports that conclusively indicate the malware had the ability to control or grant control of the systems it targeted.

Clearly there are those who would want to control critical infrastructure systems, however right now it seems that Stuxnet is the hype around what is a very real threat. The Stuxnet worm is an example of something called a High Impact, Low Frequency attack (HILF). Stuxnet was a bit novel in that for a HILF it had more frequency than normal due to the fact that it is a worm, so it spreads rather than focusing on a single or very narrow group of targets.

The frequency of HILF attacks is increasing and they are not only a threat to the critical infrastructure. Any company could be the target of such an attack. For more information on this threat I recommend reading this SC Magazine article “Keeping HILFs from crashing your party

Randy Abrams
Director of Technical Education

Author , ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.