A recent joint Cybersecurity Advisory (CSA) warned that certain advanced persistent threat (APT) actors have exhibited the capability to manipulate and disrupt industrial processes, and Australia’s critical infrastructure is at risk.
The newest threat comes from a custom malware dubbed ‘INCONTROLLER’. Analysis by Mandiant indicates that INCONTROLLER was developed by a sophisticated nation state threat actor to maliciously manipulate industrial control systems (ICS) environments.
At present, INCONTROLLER is not tied to any incident, nor to a specific threat actor. However, the level of complexity observed in the malware should be a warning to Australian industry to prepare for more advanced threats.