Denial of Control

From attackics
Jump to navigation Jump to search
Denial of Control
ID T813
Tactic Impact


Adversaries may cause a denial of control to temporarily prevent operators and engineers from interacting with process controls. An adversary may attempt to deny process control access to cause a temporary loss of communication with the control device or to prevent operator adjustment of process controls. An affected process may still be operating during the period of control loss, but not necessarily in a desired state.123

In the Maroochy attack, the adversary was able to temporarily shut an investigator out of the network preventing them from issuing any controls.

Procedure Examples

  • Industroyer is able to block serial COM channels temporarily causing a denial of control.4