Skip to main content
Whitepaper

Stuxnet to CRASHOVERRIDE to TRISIS: Evaluating the History and Future of Integrity-Based Attacks on Industrial Environments

Industrial Control System (ICS) attacks are typically viewed as immediate disruptive events designed to directly impair, damage, or otherwise disrupt an industrial process. Yet an analysis of the most significant ICS security events to date – Stuxnet, CRASHOVERRIDE, and TRISIS – reveals more worrying ambitions. Rather than seek immediate disruption, each of these attacks sought to undermine a fundamental aspect of process integrity as part of a multi-staged intrusion event to achieve impacts far greater than simply shutting down a plant or stopping the flow of electricity.

By appreciating and understanding this nuance in past events, ICS asset owners and defenders can gain greater understanding of potential ICS attack vectors – and the appropriate responses to attacks that seek to undermine critical aspects of operational environments. Most importantly, nearly all such attacks feature at least some degree of impact on process protection or safety, resulting in potentially hazardous process conditions (and physical destruction) either through the attack lifecycle, or when a compromised process is restored without understanding (or even knowing) it has been changed.

Enter your information to download the whitepaper.
SKIP

Discover more resources.

Explore more resources to support you on your ICS cybersecurity journey.

Read our next whitepaper

CRASHOVERRIDE: Reassessing the 2016 Ukraine Electric Power Event as a Protection-Focused Attack

Dragos, Inc.

View more whitepapers

Right Arrow

Ready to put your insights into action?

Take the next steps and contact our team today.