Cyber-physical attack definition
A cyber-physical attack is a cyber attack aimed at physical systems (power plants, water treatment facilities, factories, traffic control systems, etc.)
Unlike in a traditional cyber attack, the goal of a cyber-physical attack is not merely to gain unauthorized access to data or systems but also to cause physical damage or disruption to the operations of these systems. This includes shutting down power grids, altering the chemical mix in water treatment plants, or causing equipment in a factory to malfunction.
History of cyber-physical attacks
The Stuxnet worm. Stuxnet was the most famous example of a cyber-physical attack, a malicious computer worm first uncovered in 2010. It is believed to have been developed by the United States and Israel to attack Iran’s nuclear facilities. The worm specifically targeted the programmable logic controllers used to control industrial processes, causing physical destruction of the centrifuges at the facilities.
The Ukrainian power grid attack. This was a well-coordinated, multi-stage attack that resulted in a power outage for about 225,000 customers in Ukraine in 2015. The attackers used spear-phishing emails to gain network access, harvested credentials, destroyed files, and cut power by opening circuit breakers at several substations.
TThe Triton attack. In 2017, this attack targeted safety instrumented systems used in manufacturing and other industrial environments to protect human life, the environment, and equipment. The malware was designed to manipulate these systems and cause physical damage. It was discovered in a petrochemical plant in the Middle East.