
Weaponizing IT: The Emergence of Killware and How You Can Defend Your Organization


Gartner research predicts that by 2025, cyber attackers will have weaponized Operational Technology (OT) environments to successfully harm or kill humans. [Dataquest]

Just when you thought ransomware was bad enough, allowing cybercriminals to hack for cash, an even more malicious form of malware dubbed “killware” is emerging.

According to recent articles from Dataquest and USA Today, devious cyber attackers are increasingly targeting critical parts of the nation’s infrastructure – everything from hospitals and water supplies to banks, police departments and transportation – in ways that could potentially harm or even kill people.

  • At the Oldsmar water treatment plant in Florida, a malicious actor attempted to change chemical mixtures to unsafe levels as part of the water treatment process. While the mass water poisoning issue was corrected before harm could be done, the incident was a wakeup call for water districts everywhere. The attack was not for financial gain but to do harm. [USA Today]
  • The SolarWinds digital supply chain attack involved hackers inserting malicious trojan code into an update for the trusted third party’s popular network management platform. Customers who routinely updated their Orion software unknowingly downloaded the embedded virus into their systems. Once inside, the attackers could choose which areas to access and were able to move through systems and conduct their operations undetected. [Senate RPC]
  • A rash of ransomware attacks has hit hospitals, such as the nationwide cyberattack on Universal Health Systems, one of the largest healthcare providers with 400 acute care hospitals, behavioral health facilities and ambulatory centers, which had to divert patients to neighboring hospitals and cancel or defer critical surgeries, tests and other medical procedures. [USA Today]
  • The largest cyberattack on U.S. oil infrastructure, against Colonial Pipeline, impacted computerized equipment managing the pipeline. The company supplies 45% of the fuel on the East Coast, transporting 2.5 million barrels each day. The ransomware attack resulted in gas shortages and price surges throughout several states. [Barnes Windley]

In all of these examples, the objective of the attacker is to cause harm to humans by using killware in an Operational Technology environment. Whether it is in a chemical plant, an air traffic control system, a dam or manufacturing factories, it is just a matter of time before killware will take its first victim.

What if your organization is next?

With October being National Cybersecurity Awareness Month, Magna5 urges all its customers to spring into action to ensure their networks are secure.

Taking a reactive path of “waiting” for an issue to occur is not an option.

Cyber attackers are simply too clever for you to fight data breaches and intrusions alone. Ransomware attacks are growing more than 350% annually. Many government entities are taking preventive measures by turning to managed security providers who can proactively safeguard critical infrastructure and data using smart, multi-tiered security defenses to stay one step ahead.

Aggressive measures are needed to counter unauthorized access and threat intrusion.

Managed security providers can boost detection and response times to cyber threats by proactively monitoring the security integrity of your entire network around the clock. They will identify patterns of events indicating a possible threat, determine the risk and act quickly.

Early-warning detection capabilities can identify and block malicious traffic before threat actors disrupt operations.

It is vitally important to have visibility into your entire network, including all virtual machines, cloud apps, endpoints, mobile devices and VoIP phones. Moving data to a secure cloud environment monitored by a proven managed security provider can secure your data using next-generation firewalls and intrusion protection systems that monitor traffic in real-time for effective cyber threat prevention.

Protection begins with knowing where the weak spots are in your network.

Managed security providers can provide internal and external scans of network devices, servers, applications, databases and more … on-premises and in the cloud … to see what’s exposed to threats and recommend corrective action. Regularly scheduled patch management can close known vulnerabilities that ransomware attackers often exploit.

Backup and recovery capabilities play a big role in restoring lost data in the event of attacks.

Managed security providers can swiftly respond to downtime events with cost-effective restore solutions. Seamless recovery can happen in minutes to keep municipalities and private companies running without interruption. You can specify recovery for an entire virtual environment or specific end-user systems, cloud applications and departmental infrastructures.

Check out our short Managed Security and Endpoint Security videos to learn more.