Hacking Industrial Systems: Motives, Targets, Methods & Consequences

Instructor: Erik Rodriguez

Erik has experience working in Cybersecurity and has a Master's of Science in Information Systems.

In this lesson, we will discuss the motives, targets, and methods used in hacking industrial systems. Additionally, we will review some of the consequences faced by both the target and the hacker when a successful cyber attack is launched.

Lights Out

It's a seemingly ordinary day, and you are at home spending quality time with your family. As everyone gathers in the living room to watch a movie, nothing seems to be amiss. Midway through the film, however, the electricity in your home abruptly goes out. A quick glance out the window shows that it's not just your house but the entire neighborhood that has seemingly gone dark. Throughout the blackout, information quickly spreads, and you learn that this is not a localized occurrence, but, in fact, 230,000 people across the country are experiencing the exact same thing. Little does anyone know, however, the electricity will not be restored until six hours later. This scene may seem like it is pulled straight out of an apocalyptic movie, but this was the reality for the citizens of Ukraine when malware affected the country's power grid. As more of our nation's critical infrastructure becomes reliant on technology, the prospect of a cyber attack becomes more likely.

Cyber attacks on industrial systems at power plants can cause blackouts
power grid

Motives for Hacking Industrial Systems

The motives for hacking an industrial system primarily depend on the perpetrators and what they hope to gain from the attack. For instance, state-sponsored hacking is when a federal government hacks other governments in order to disrupt elections, gather intelligence, or cripple infrastructure such as the power grid. The Ukrainian blackout discussed earlier was the result of a Russian cyber attack on Ukraine's power grid. Hacktivists, however, launch cyber attacks for socially or politically motivated reasons. Suppose a furniture manufacturer is found to use unsustainable methods for its procurement of wood to produce the furniture. A hacktivist group may launch a cyber attack on the manufacturing plant's systems as a form of protesting against these methods. On the other hand, a black-hat hacker is one who is motivated by the prospect of personal or financial gain. They may be inclined to infect industrial systems with ransomware in an effort to get the company to pay the ransom. Whatever the motive, however, any successful cyber attack launched on an industrial system has the potential to cause massive disruptions to the plant's processes.

Some hackers are motivated by financial gain
hacker

Common Targets

Much like the motives for launching an attack against an industrial system, the targets chosen for a cyber attack largely depend on the threat actor and what they hope to gain from an attack. Threat actors with more skill and resources typically target more robust systems, which can lead to a higher payoff should the attack be successful. However, your everyday black-hat hacker may target less secure and less centralized systems. Generally, though, Supervisory Control and Data Acquisition (SCADA) systems may attract hackers with the most incentive to launch an attack. This is because SCADA systems offer a way of monitoring and controlling field sites through a centralized system. An attacker can exploit this to gain access to a system, and then move around through different field sites and the main, central system.

Attack Methods

The methods a malicious actor may employ in order to launch an attack on an industrial system depend on a variety of factors. These include the attacker's skill in launching certain types of attacks, the system's security measures, and the attacker's intended impact on the system. For instance, a state-sponsored hacker will have vastly larger amounts of resources at their disposal compared to your average black-hat hacker; that would allow the state-sponsored hacker to launch more sophisticated attacks.

Targeted Ransomware

Targeted ransomware involves an attacker sending targeted emails which contain specialized malware to high-level individuals. This act is known as spear-phishing. Once a recipient opens the attached malware (which is designed to appear innocuous), the malware creates a backdoor which allows the attacker to remotely access the system's network. Through this method, an attacker is able to spread ransomware throughout the industrial control system.

Ransomware is designed to lock system files until the victim pays a ransom
ransomware

IIOT Pivot

IIOT Pivot is a method an attacker can use to gain access to various systems within an industrial control system through a cloud vendor. To better understand this method, let's break down the term IIOT Pivot. IIOT stands for Industrial Internet-Of-Things, which refers to devices and services that are connected to the Internet and used in industrial settings. The term pivot refers to the act of using a vulnerability to assist in moving from one system to another within the same network. In IIOT Pivot, an attacker will exploit a vulnerability in an Internet-facing service or device to gain a foothold in the industrial system. Once inside, they will then use other vulnerabilities to gain access to other systems by exploiting these other vulnerabilities.

Compromised Remote Site

Compromised remote site refers to when an attacker is able to infiltrate a system's remote substation, which they then use to gain access to the central system. Many industrial plants today have one main, centralized station along with one or more substations. Typically, the networks in a substation are connected to the central station in order to facilitate easy communication between the sub and main stations. If a malicious actor can successfully gain access to the substation's network, they can then easily make their way to the central station where all the main controls and systems are located.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account
Support