Press Release | April 13, 2022

NSA partners with DOE, CISA, and FBI to release advisory on APT Cyber Tools Targeting ICS/SCADA devices

FORT MEADE, Md. — The Department of Energy (DOE), along with the Cybersecurity and Infrastructure Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI), issued a joint cybersecurity advisory, “APT Cyber Tools Targeting ICS/SCADA Devices,” to warn that certain advanced persistent threat (APT) actors have the capability to gain full system access to multiple industrial control system/supervisory control and data acquisition (ICS/SCADA) devices.
 
This advisory provides detection and mitigations recommendations for all critical infrastructure organizations to detect potential malicious APT activity. By leveraging custom-made tools for targeted ICS/SCADA devices, APT actors can control affected devices and maintain full system access, potentially lead to a disruption of critical devices or functions.
 
ICS/SCADA devices that are at risk of exploitation include certain:

  • Schneider Electric MODICON and MODICON Nano programmable logic controllers (PLCs),
  • Omron Sysmac NJ and NX PLCs, and
  • Open Platform Communications Unified Architecture (OPC UA) servers.

Read the full report here.
 
Visit our full library for more cybersecurity information and technical guidance.