An Intro to Industrial Control Systems and Operational Technology Threats on the Darknet

September 08, 2022

This research report is now live.


Upcoming research from DarkOwl displays an alarming number of threats on the darknet and deep web that could effectively target and compromise Critical Infrastructure.

For the past several months, DarkOwl analysts have been monitoring for and documenting instances on the darknet that could be threatening to Industrial Control Systems (ICS) and their adjacent Operational Technologies (OT). These two critical systems govern almost everything societies rely on in the modern age. Critical infrastructure such as manufacturing facilities, water treatment plants, mass transportation, electrical grids, and gas and oil refineries all rely on some aspect of ICS/OT incorporated in their industrial processes.

In doing so, DarkOwl’s analysts found a significant number of instances in which attacks or attack vectors that could directly affect these critical industries were being actively discussed or circulated on the darknet. The research will be published in an upcoming whitepaper, Industrial Control Systems (ICS) & Operational Technology (OT) Threats on the Darknet.

The full extent of this research will be published Tuesday, September 13 and will cover how critical infrastructure is being targeted on the digital underground.

Abstract

Industrial Control Systems (ICS) & Operational Technology (OT) Threats on the Darknet

In recent years, especially in the world of ransomware and extortion-as-a-service crime, which is highly prevalent on the darknet, the information security community and major security operations centers have been centrally focused on securing sensitive organizational ‘data’ and intellectual property, with concerted attempts to mitigate network attacks and remediate the effects of one leak after another emerging on the darknet and across underground criminal communities.

ICS/OT security involves protecting the critical ‘processes’ needed in critical infrastructure and manufacturing facilities and is less concerned about data loss. The effects of ICS/OT attacks, especially those targeting unencrypted serial communication protocols, are not manifested as simple domain network and email connectivity issues. A successful ICS/OT attack transcends the cyber realm and can result in the physical destruction of devices, kinetic explosions, and even the potential loss of human life.

In this darknet research investigation, the analysts at DarkOwl review the threats discussed and circulated on the darknet related to ICS/OT and exploits designed to compromise Supervisory Control And Data Acquisition (SCADA) panels. The research highlights initial points of compromise and data brokers in unauthorized network access, the reconnaissance utilities employed by threat actors to surface critical infrastructure system vulnerabilities, and the real dangers presented by the industry’s reliance on insecure IEC protocols.



Copyright © 2022 DarkOwl, LLC All rights reserved.
DarkOwl is a Denver-based company that provides the world’s largest index of darknet content and the tools to efficiently find leaked or otherwise compromised sensitive data. We shorten the timeframe to detection of compromised data on the darknet, empowering organizations to swiftly detect security gaps and mitigate damage prior to misuse of their data.