Adam Bosnian is Executive Vice President of the Americas and Corporate Development at Cyber-Ark seems to think so.
“Our research has shown that these high-profile attacks on our ICS have all followed this distinct pattern. Attackers are using simple means to breach the perimeter. Once inside, they immediately target privileged accounts to gain access to additional servers, databases, and other high-value systems. Because OT is now connected with traditional IT systems and corporate networks, attackers can exploit these accounts to elevate access to OT as well. These privileged accounts also allow the attackers to easily hide inside the organization and exfiltrate data on their own timeline. The real problem is that most organizations have no idea how many of these accounts exist on their network and where they are.”