Cyberattacks against industrial targets have doubled over the last 6 months

Note that there’s nothing new about the methods of attack, just the targets…:

[…] The most common initial infection vectors are phishing emails, the theft of credentials required to enter an internal network, watering hole attacks, and the successful compromise of third parties with a connection to the true target. Some hackers will lurk in corporate systems for months before launching a malicious attack, whilst others will wreak havoc the moment they gain entry.

“There are two forms of targeted attacks in the destructive world: “I need to be low and slow until I gather the information I need and plan out my attack’ […] or, “I’m going to drop in, release, and let it go wild,” said Christopher Scott, Global Remediation Lead at IBM X-Force IRIS.


Original article here