The Attack Plan

Critical infrastructure control systems are comprised of IT and OT components that are interconnected. The image below shows what the environment looks like and points to the various boundaries that are deeply connected through network configuration.


There are multiple attack vectors in and out of the environment that owners and operators use for transparency and operations and maintenance. But they can also be leveraged by adversaries to conduct attacks.

In this example, installing a payload comes through the supply chain. After the payload is delivered, the attack goes through wireless, and exploitation is triggered. It then moves through the routable IT; complete command and control is established by the attacker.