Attack types
Attacks can be categorized according to their execution. The effort involved in the attack plays a key role:
Category | Description |
|---|---|
Broad, viral attacks | The attacks exploit widespread vulnerabilities and spread to reachable neighbors. Such "untargeted attacks" are aimed at attacking as many affected systems as possible in order to benefit the attacker. The benefits for the attacker arise, for example, from extortion to decrypt data ("ransomware") or using the resources of the attacked party ("botnet"). These attacks often use unpatched vulnerabilities or common organizational flaws such as weak passwords. |
Vendor and integrator-specific attacks | The attacks exploit vulnerabilities in certain products that may be less common. These attacks can spread automatically, but they target special products or configurations as vulnerabilities (e.g. from Beckhoff or, if applicable, integrator configurations/extensions). Attack targets can also be industry-specific, such as spying out know-how or the like. |
User-specific attacks | Such attacks are directed against precisely one system installation, hence the term targeted attacks. They are difficult to detect and are elaborately carried out by the attacker. Targeted system configurations are used to achieve the aim of the attack. Attack targets are manifold and are generally difficult to predict. |
 | Only measures against broad viral and vendor-specific attacks are presented in these security guidelines. User-specific attacks necessitate analyses and counter-measures on the part of the user. |