The U.S. came dangerously close to suffering a major cyber attack on its energy infrastructure last year, says the head of a cybersecurity company that focuses on risks to operational technology (OT) systems such as industrial control systems (ICS).
The discovery of malware dubbed Pipedream by Dragos Inc. and U.S. cyber agencies was “the closest we’ve ever been to having U.S. infrastructure go off-line,” said company CEO Robert Lee.
“I don’t think people realized how close it was to happening.”
He made the comment to reporters in a briefing before Dragos released its annual year-in-review report on Tuesday.
The report highlighted problems in network visibility in ICS/OT networks, an increase in ransomware attacks on industrial firms, and problems with identifying the seriousness of vulnerabilities in ICS/OT devices.
Pipedream was created by a new nation-state group dubbed Chernovite. Its existence was publicized last April, but Lee said its significance was missed by news media, which focused on the malware’s ability to target programmable logic controllers [PLCs] from Schneider Electric and Omron, and on the fact that it appeared to initially target electricity and liquid natural gas plants in the U.S.
“That was just their initial set of targets,” Lee said. “This thing can work anywhere. This is a state-level, war-time capability” to bring down infrastructure.