

Cybersecurity in Industrial Automation and Control Systems: The Recent Attack of the Colonial Pipeline

Christoph Lipps; Shaden Baradie; Jan Herbst; Leigh Armistead; Hans Dieter Schotten
In: Neal Kushwaha; Brett van Niekerk; Trishana Ramluckan. Modelling Nation-state Information Warfare and Cyber-operations (paperback, 7 Jun. 2022). Chapter 3, Academic Bookshop, 6/2022.


Attacking networks and systems is (almost) as old as networks themselves; nonetheless, the tactics, nature and objectives of these attacks are currently changing significantly. It is no longer “script kiddies” trying their skills, using generalized Denial of Service (DoS) attacks to bring systems down, or attacks on Small and Medium Enterprises (SMEs); instead, this is about big money and high-value, high-profile targets in Critical National Infrastructure (CNI) and large industrial facilities. These control systems and Operational Technology (OT) are often attacked in a very targeted manner, with greater danger in the future. Gartner (2021) forecasts that the damage caused by targeted hacker attacks will amount to more than $50 billion by 2023 and that by 2025 at the latest, people will be injured or killed by cyberattacks. In the first half of 2021 alone, the number of ransomware attacks, as part of these attacks, increased by more than 244%, and in the last two years by more than 800% (Oren, 2021). Although these attacks have been taking place for quite some time, they are moving into the media spotlight as their impact affects a larger segment of society. In May 2021 this happened on the East Coast of the United States (US), when hackers took down the largest fuel pipeline in the US, leading to shortages in gasoline, diesel and other, and the cyber-criminal group DarkSide received $5 million in ransom with this attack. But, as the attack on the Colonial Pipeline was just the beginning, this work highlights what Industrial Automation and Control Systems (IACSs) are and why they are that vulnerable. In addition, based on the recent attacks on these systems, and as the past has already shown how easily individual targeted attacks can cause huge damage, this paper describes a number of different attack vectors, references countermeasures as the evidence is discussed, and highlights the lessons learned.