Combatting emerging-malware aimed at industrial control systems

Analyzing malicious capabilities before they have the chance to disrupt or destroy infrastructure gives defenders a unique opportunity to prepare in advance—a goal that’s becoming essential asserts a new Dragos whitepaper. “PIPEDREAM: CHERNOVITE’s Emerging Malware Targeting Industrial Control Systems” offers industrial asset owners and operators an instructive look at this new attack framework and what can be done to mitigate the risks it poses.

In early 2022, in collaboration with partners, Dragos discovered the seventh ever publicly known malware specifically developed to disrupt ICS. Developed by activity group CHERNOVITE, “PIPEDREAM demonstrates significant adversary research and development focused on disruption, degradation and potentially destruction of industrial environment and physical processes. It can disrupt, degrade, and potentially destroy industrial environments and processes,” says Dragos in its whitepaper.

While they are confident PIPEDREAM has not yet been employed, this is a competent attack framework that can “execute 38% of known ICS attack techniques and 83% of known ICS attack tactics as measured against the MITRE ATT&CK.”

The whitepaper provides new tactics, techniques, and procedures to assist in the detection and overall awareness to improve OT environments’ security postures, regardless of whether CHERNOVITE deploys PIPEDREAM.

Read the report to learn more about how to combat this emerging malware.

This article was produced by Scoop News Group for CyberScoop for, and sponsored by, Dragos.