{"id":15108,"date":"2020-04-07T12:41:46","date_gmt":"2020-04-07T10:41:46","guid":{"rendered":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/anatomy-cyber-attack-1\/"},"modified":"2025-03-18T13:59:16","modified_gmt":"2025-03-18T12:59:16","slug":"anatomy-cyber-attack-1","status":"publish","type":"post","link":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/","title":{"rendered":"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1"},"content":{"rendered":"<p>The extensive cyber intrusions on<a href=\"\/en?p=1234\" target=\"_blank\" rel=\"noopener noreferrer\"> Oil and Gas<\/a> companies have revealed that these intrusions are not just a one-off scenario to talk about, rather it demands a theoretical approach to understand the attack more precisely. There has been a wide range of <a href=\"\/en?p=1902\" target=\"_blank\" rel=\"noopener noreferrer\">cyber attacks<\/a> on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers, 2017- <a href=\"https:\/\/www.eenews.net\/stories\/1060123327\" target=\"_blank\" rel=\"noopener noreferrer\">Triton Malware<\/a> attack on an Oil and Gas company in Saudi Arabia, \u00a0where the attackers planted a malware which adversely took over the plant\u2019s Safety Instrumented Systems, 2019- Ransomware attack on a Mexican Oil and Gas company and so on.\u00a0 Cyber attacks on Oil and Gas companies become more pervasive and critical. There have been increased cyber attacks on the<a href=\"\/en?p=1985\" target=\"_blank\" rel=\"noopener noreferrer\"> Oil and Gas companies<\/a> now more than ever. The Oil and Gas companies have become a target for adversaries for almost a decade. The malware attacks from 2012 to today have shown a substantial increase in the technology and tools used to perform these, starting from a simple malware program to\u00a0 APTs (Advanced Persistent Threats).<\/p>\n<h2><strong>Breakdown of a Cyber Attack<\/strong><\/h2>\n<p>Even though the malware used over the years are different, the stages of a cyber attack remain consistent. The breakdown of a cyber attack can be done using <em><strong>Cyber Kill Chain<\/strong><\/em><strong>\u00ae <\/strong>developed by Lockheed Martin. It has been adapted to the ICS environment by Michael J.Assante and Robert M.Lee. The <a href=\"https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html\" target=\"_blank\" rel=\"noopener noreferrer\">Cyber Kill Chain<\/a> helps to understand, visualize and coordinating the steps for an adversary to achieve their targets. Let us go through the stages of a cyber-attack.<\/p>\n<h3><img decoding=\"async\" class=\" wp-image-3028 aligncenter\" src=\"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/ICS-Cyber-Kill-Chain-300x42.png\" alt=\"Cyber attack cyber kill chain\" width=\"1199\" height=\"168\" \/><\/h3>\n<h3><strong>Planning and Preparation for Attack<\/strong><\/h3>\n<p>The attacker selects the victim (organization, network, PC) based on their predefined goals expected rewards or according to instructions from whoever is directing that action. A cyber attack can be initiated also by an insider having a reason, a disgruntled employee or an expert hacker who is driven by a foreign country, a crime organization or a hostile commercial organization. The attacker may start with a phishing process targeting someone who corresponds with people working at the victim\u2019s organization. They are sending emails from a spoofed identity along with malware hidden in an attached file (Word, JPG file, etc.). This action leads to launching a Trojan code in the victim\u2019s computer (first one approached) and later in the IT network.<\/p>\n<h3><strong>Cyber Intrusion \u2013 Attempt\/ Success<\/strong><\/h3>\n<p>Upon activation of the injected code to collect network details that malware will start scanning the victim\u2019s IT network and all the accessible computers. Using this tool, the attacker steadily receives detailed information and builds a clear picture of the victim\u2019s network, usernames, passwords, IP addresses, connection to wireless devices, privilege accounts, etc. Once they gain access to the victim\u2019s network, they can spoof the identity of a network administrator, open their own account and start using their new email. Using an authorized account (like an ordinary employee) and after learning the administrator\u2019s account\u2019s credentials, the attacker can now upgrade their own \u201cuser account\u201d and request additional privileges, which a regular user (employee) does not have. This may allow them to comply with security procedures like \u201cleast privilege\u201d and \u201crole-based access\u201d.<\/p>\n<p>Through this \u201cauthorized membership\u201d, the attacker has now the needed privileges to compromise the firewall isolating between the IT network and the external internet. This will allow them to transfer command codes between the attacking computer (operated by hackers) connected through the internet to the IT network of the victim. The attacker can now continue with the process, obtain detailed information about the PLCs, Remote Terminal Units (RTU), used data protocols and IP addresses of the control devices (PLC, RTU) as accessible in the corporate IT network. Having \u201cauthorized presence\u201d, the attacker may start planning the next steps of the attack process. At this stage, the attacker may slowly collect more data on the system architecture, processes considered as normal, as seen through the corporate IT network. Furthermore, to hide their activity, the attacker may prevent the detection of their actions within the victim\u2019s network. They will also try hiding their own identity and delete all \u201ctraceable details\u201d.<\/p>\n<p>Once the attacker has adequate details on the IT network and obtained needed credentials, they can create a high-privilege (\u201cadmin\u201d) account. This will allow them to access the segregating firewall between the IT and ICS networks and also compromise additional security measures which might prevent accessing the ICS network.<\/p>\n<h2><strong>Management and Enablement<\/strong><\/h2>\n<p>The attacker is ready to start with the final stage and compromise the segregating firewall between the corporate IT and the ICS networks. Once that barrier is removed, the attacker may directly communicate with the ICS network and \u201cexport\u201d data (through the corporate network and the Internet) as needed for detailed planning of the attack process. The attacker may directly access all RTUs or PLCs and study the details of the control process; temperature, speed, pressure, vibration, flow, etc., and also analyze the data sent to the ICS Automation Servers and the HMI computer. This information will help the attacker to \u201ccreate a false picture\u201d of normal operation and transmit this \u201cpicture\u201d to the operator HMI during the attack (similar to Stuxnet).<\/p>\n<h2><strong>Sustainment, Entrenchment, Development &amp; Execution<\/strong><\/h2>\n<p>The attacker will modify the operation parameters of the RTUs or PLCs, change the control limits, modify control loops, compromise software-based protection, and generate the damage. While transmitting the false picture to the operator HMI (earlier recorded and stored) and showing normal conditions, the attacker is completing the task and destroying the critical machinery.<\/p>\n<p>The theoretical approach to a cyber attack helps experts to understand the characteristics of the attack which can be a valuable knowledge base to prevent such attacks in the future. In each stage of the cyber attack, a countermeasure is being broken or a specific countermeasure is needed to stop it. The dynamics of a cyber attack can change from one scenario to another but the phases of it remain consistent throughout. But how does it help <a href=\"\/en?p=2650\" target=\"_blank\" rel=\"noopener noreferrer\">Cyber Security<\/a> companies and organizations to design and develop countermeasures against such attacks? To be continued in <a href=\"\/en?p=3295\" target=\"_blank\" rel=\"noopener noreferrer\">Part 2<\/a>\u2026<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The extensive cyber intrusions on Oil and Gas companies have revealed that these intrusions are not just a one-off scenario to talk about, rather it demands a theoretical approach to understand the attack more precisely. There has been a wide&hellip; <\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\"> <span class=\"screen-reader-text\">Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1<\/span> Read More &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":12285,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"","footnotes":""},"categories":[2344],"tags":[],"coauthors":[2413],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v20.13 (Yoast SEO v20.13) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1 - Yokogawa Oil &amp; Gas Blog<\/title>\n<meta name=\"description\" content=\"There has been a wide range of cyber attacks on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers,...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1\" \/>\n<meta property=\"og:description\" content=\"There has been a wide range of cyber attacks on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers,...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\" \/>\n<meta property=\"og:site_name\" content=\"Energy and Renewables\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-07T10:41:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-18T12:59:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"847\" \/>\n\t<meta property=\"og:image:height\" content=\"565\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ashok Sadasivam\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\"},\"author\":{\"name\":\"Rudi Tester\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/person\/0bf50cfccfc1b2310dcc4976d069d1e6\"},\"headline\":\"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1\",\"datePublished\":\"2020-04-07T10:41:46+00:00\",\"dateModified\":\"2025-03-18T12:59:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\"},\"wordCount\":1024,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\",\"url\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\",\"name\":\"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1 - Yokogawa Oil & Gas Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#website\"},\"datePublished\":\"2020-04-07T10:41:46+00:00\",\"dateModified\":\"2025-03-18T12:59:16+00:00\",\"description\":\"There has been a wide range of cyber attacks on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers,...\",\"breadcrumb\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#website\",\"url\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/\",\"name\":\"Energy and Renewables\",\"description\":\"Yokogawa\",\"publisher\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#organization\",\"name\":\"Energy and Renewables\",\"url\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/yokogawa-logo-e1651674418793.png\",\"contentUrl\":\"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/yokogawa-logo-e1651674418793.png\",\"width\":302,\"height\":89,\"caption\":\"Energy and Renewables\"},\"image\":{\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/person\/0bf50cfccfc1b2310dcc4976d069d1e6\",\"name\":\"Rudi Tester\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/person\/image\/0b44e4d1ba5237e8c26b293a1660c476\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/72b34d08d8c5de4ae05f8ea29d24031e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/72b34d08d8c5de4ae05f8ea29d24031e?s=96&d=mm&r=g\",\"caption\":\"Rudi Tester\"},\"url\":\"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1 - Yokogawa Oil & Gas Blog","description":"There has been a wide range of cyber attacks on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers,...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/","og_locale":"en_US","og_type":"article","og_title":"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1","og_description":"There has been a wide range of cyber attacks on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers,...","og_url":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/","og_site_name":"Energy and Renewables","article_published_time":"2020-04-07T10:41:46+00:00","article_modified_time":"2025-03-18T12:59:16+00:00","og_image":[{"width":847,"height":565,"url":"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s.jpg","type":"image\/jpeg"}],"author":"Ashok Sadasivam","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#article","isPartOf":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/"},"author":{"name":"Rudi Tester","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/person\/0bf50cfccfc1b2310dcc4976d069d1e6"},"headline":"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1","datePublished":"2020-04-07T10:41:46+00:00","dateModified":"2025-03-18T12:59:16+00:00","mainEntityOfPage":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/"},"wordCount":1024,"commentCount":0,"publisher":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#organization"},"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/","url":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/","name":"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1 - Yokogawa Oil & Gas Blog","isPartOf":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#website"},"datePublished":"2020-04-07T10:41:46+00:00","dateModified":"2025-03-18T12:59:16+00:00","description":"There has been a wide range of cyber attacks on Oil and Gas companies starting from 2012- Shamoon attack, which damaged more than a 10000 servers,...","breadcrumb":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/anatomy-cyber-attack-1\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/"},{"@type":"ListItem","position":2,"name":"Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1"}]},{"@type":"WebSite","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#website","url":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/","name":"Energy and Renewables","description":"Yokogawa","publisher":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#organization","name":"Energy and Renewables","url":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/yokogawa-logo-e1651674418793.png","contentUrl":"https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/yokogawa-logo-e1651674418793.png","width":302,"height":89,"caption":"Energy and Renewables"},"image":{"@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/person\/0bf50cfccfc1b2310dcc4976d069d1e6","name":"Rudi Tester","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/#\/schema\/person\/image\/0b44e4d1ba5237e8c26b293a1660c476","url":"https:\/\/secure.gravatar.com\/avatar\/72b34d08d8c5de4ae05f8ea29d24031e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/72b34d08d8c5de4ae05f8ea29d24031e?s=96&d=mm&r=g","caption":"Rudi Tester"},"url":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/author\/admin\/"}]}},"uagb_featured_image_src":{"full":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s.jpg",847,565,false],"thumbnail":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s-150x150.jpg",150,150,true],"medium":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s-300x200.jpg",300,200,true],"medium_large":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s-768x512.jpg",768,512,true],"large":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s.jpg",847,565,false],"1536x1536":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s.jpg",847,565,false],"2048x2048":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s.jpg",847,565,false],"post-thumbnail":["https:\/\/www.yokogawa.com\/eu\/blog\/app\/uploads\/sites\/10\/2022\/09\/43445277_s-356x200.jpg",356,200,true]},"uagb_author_info":{"display_name":"Rudi Tester","author_link":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/author\/admin\/"},"uagb_comment_info":0,"uagb_excerpt":"The extensive cyber intrusions on Oil and Gas companies have revealed that these intrusions are not just a one-off scenario to talk about, rather it demands a theoretical approach to understand the attack more precisely. There has been a wide&hellip; Anatomy of a Cyber Attack- ICS Cyber Kill Chain- Part 1 Read More &raquo;","_links":{"self":[{"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/posts\/15108"}],"collection":[{"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/comments?post=15108"}],"version-history":[{"count":1,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/posts\/15108\/revisions"}],"predecessor-version":[{"id":15109,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/posts\/15108\/revisions\/15109"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/media\/12285"}],"wp:attachment":[{"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/media?parent=15108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/categories?post=15108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/tags?post=15108"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.yokogawa.com\/eu\/blog\/renewables\/en\/wp-json\/wp\/v2\/coauthors?post=15108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}