In the decade since the Stuxnet worm was discovered, multiple attacks that have been launched against operational technology (OT) networks including Shamoon, Havex, Wannycry, and Lockergoga. Looking back, a disturbing trend has emerged. Industrial attacks are being recycled.
Consider LockerGoga, which crippled Norsk Hydro, one of the largest aluminum manufacturers in the world, in March of 2019. Like Stuxnet, this incident was a watershed moment in OT security because it not only impacted OT operations by taking aluminum production offline, but it also impacted IT security. For the first time, an attack moved laterally between once air-gapped IT and OT networks.