PIPEDREAM Malware and the CHERNOVITE Threat Group

PIPEDREAM is the seventh known Industrial Control Systems (ICS)-specific malware and is capable of disruption, degradation, and potentially destruction of industrial environments. It was developed by the Dragos-designated Activity Group (AG) CHERNOVITE. PIPEDREAM can impact a wide variety of Programmable Logic Controllers (PLCs) and industrial software, including specific Omron and Schneider Electric PLCs, and improperly configured Open Platform Communications Unified Architecture (OPC UA) servers.

In this briefing, Dragos Intelligence experts provide a detailed analysis of the PIPEDREAM components, their capabilities, the impacted devices, potential usage scenarios that highlight the impact the malware can have, and recommendations for mitigation.