Saddy Ramco's Industrial Control Systems Are Connected

The attack hit in august, but they had already gotten into the systems around april to may. The attackers likely got in through a fishing email. This is where they'd send a specific employee an email with an interesting attachment link. Since the employees had no security training, it was probably not that hard to get one of them to click a link or open an attachment. So for instance, the attackers would hope they're running an older version of micro soft word or adobe acrobat that has known vulnerabilities. And successful, it would open up a reverse terminal back to the attacker.