| The APT actors have developedcustom-made tools for targeting ICS/SCADA devices. The tools enable them to
 scan for, compromise, and control affected devices once they have
 established initial access to the operational technology (OT) network.
 Additionally, the actors can compromise Windows-based engineering
 workstations, which may be present in information technology (IT) or OT
 environments, using an exploit that compromises an ASRock motherboard driver
 with known vulnerabilities. By compromising and maintaining full
 system access to ICS/SCADA devices, APT actors could elevate privileges,
 move laterally within an OT environment, and disrupt critical devices or
 functions.
 |