The Rising Tide: ICS Attacks and the Increasing Threat to Critical Infrastructure

Joe Slowik

Industry Control System (ICS) security remains in a field prone to hyping minor threats but 2017 represented a watershed year and tracking attacks in a control system environment. Throughout 2017, five activity groups were identified targeting ICS environments, too high profile attacks uncovered: The CRASHOVERIDE attack in the Ukraine executed in December 2016 and identified in June 2017,  and the TRISIS attack in Saudi Arabia. While previously many assumed only a few, well-resourced teams could execute attacks in ICS, current information shows that ICS is increasingly popular for malicious actors.

This presentation will review the two major ICS attacks identified in 2017 and their implications as signals for an undeclared cyber war the discussion will then turn into groups currently active in the ICS space and what the future holds for upcoming operations it will then conclude with an overview of ICS network defense and expectations for the near future and the threat environment.