As per the tweet, an anonymous collective GhostSec has carried out a large-scale attack on industrial control systems. A total of 104 ICS devices were targeted. The term “industrial control system” refers to many types of control systems and associated instruments, which comprise the devices, systems, networks, and controls needed to operate and/or automate industrial processes. Each ICS acts differently depending on the business and is designed to efficiently manage duties electronically.
#OpRussia
LARGE SCALE ICS HACK – Devices affected consist of Modbus + IEC protocol based devicesTLDR: LARGE SCALE HACK ON INDUSTRIAL CONTROL SYSTEMS
ICS devices attacked: 104
As usual From #GhostSec, with love!
more details;https://t.co/qfZNxpx3jB pic.twitter.com/v3mWHhvKWn
— GSM (@GS_M4F14) June 3, 2022
Furthermore, Modbus is among those who are harmed. Modbus is a serial communication protocol created by Modicon® and published in 1979 for use with its programmable logic controllers (PLCs). In layman’s terms, it is a means of delivering data across serial lines between electrical equipment. Some IEC protocol-based devices were also impacted.
Previously, as per the sources, we also came to know that through phishing attempts, a significant group of hacktivist-class offenders acquire IT remote access passwords. These attackers finally breach the IT Windows Domain Controller, establish new accounts, and provide the new accounts full administrative powers, including access to ICS devices.
The hackers log into the ICS equipment and monitor how the ICS HMI operates until they understand what many of the screens and functions do. At that point, the group seizes control of the HMI and manipulates the physical process. Simultaneously, co-attackers utilize administrator credentials to log into ICS equipment, erase hard drives, and, if possible, erase device firmware.
