Skip to main content

Industrial cyberattacks see huge rise

(Image credit: Image source: Shutterstock/alexskopje)

Nowadays, hackers are more interested in wreaking havoc, rather than just creating malware that’s going to steal data or conduct some form of espionage, new research has said.

According to IBM’s X-Force IRIS incident response team, cyberattacks designed to cause damage, employing the likes of Industroyer, NotPetya or Stuxnet, have more than doubled in the past six months. 

Half of all of the attacks were against organisations in the manufacturing sector (opens in new tab), with the attackers looking to lock systems, crash PCs, make services unusable, and / or delete critical files. Organisations in oil, gas, and education are considered most at risk.

"Historically, destructive malware such as Stuxnet, Shamoon, and Dark Seoul was primarily used by nation-state actors," the researchers say. "However, especially since late 2018, cybercriminals have been incorporating wiper elements into their attacks, such as with new strains of ransomware like LockerGoga and MegaCortex."

Businesses residing in Europe, the US and the Middle East are most frequently targeted. They’re usually attacked with phishing (opens in new tab), credentials theft, so-called “watering hole” attacks, as well as attacks against the supply chain and other third parties.

Some hackers will compromise the network (opens in new tab) and sit idly for months, before opting for a specific set of moves.

"There are two forms of targeted attacks in the destructive world: "I need to be low and slow until I gather the information I need and plan out my attack' [...] or, "I'm going to drop in, release, and let it go wild," said Christopher Scott, Global Remediation Lead at IBM X-Force IRIS.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.