Eye-opening story from USA TODAY with this headline:
“The next big cyber threat isn't Ransomware. It's Killware, and it's just as bad as it sounds.”
Even as most Americans are still learning about the
hacking-for-cash crime of ransomware, the nation’s top homeland security
official is worried about an even more dire digital danger: “Killware,” or
cyberattacks that can literally end lives.
The Colonial Pipeline ransomware attack in April galvanized the public’s attention because of its consumer-related complications, including long lines at gas stations, said DHS Secretary Alejandro Mayorkas in an interview with USA TODAY's Editorial Board last week.
He then added: “There was a cyber incident that very fortunately did not succeed. That was an attempted hack of a water treatment facility in Florida, and the fact that that attack was not for financial gain but rather purely to do harm. That attack was on the Oldsmar, FL water system in February that was intended to distribute contaminated water to residents and that should have gripped our entire country.”
It’s no surprise that it didn’t grip the country: USA TODAY and others reported on that hack, but it came amid a flurry of reports of other, bigger cyberattacks such as the SolarWinds intrusion of government agencies, technology firms like Microsoft, and cybersecurity companies.
But Mayorkas and other cybersecurity experts say the Oldsmar
intrusion was just one of many indications that malicious hackers increasingly
are targeting critical parts of the nation's infrastructure – everything
from hospitals and water supplies to banks, police departments and
transportation – in ways that could injure or even kill people.
Mayorkas then told USA TODAY in a follow-up exchange: “The attempted hack of this water treatment facility in February 2021 demonstrated the grave risks that malicious cyber activity poses to public health and safety. The attacks are increasing in frequency and gravity, and cybersecurity must be a priority for all of us.”
Like Mayorkas, private-sector computer security experts
recently have begun issuing warnings that so-called cyber-physical security
incidents involving a wide range of critical national infrastructure targets
could potentially lead to loss of life. Those include oil and gas manufacturing
and other elements of the energy sector, as well as water and chemical systems,
transportation and aviation and dams.
For example, Wam Voster, senior research director at the security firm Gartner Inc., wrote: “With
the rise of consumer-based products like smart thermostats and autonomous
vehicles, Americans are now living in a ubiquitous Cyber-Physical Systems world
that has become a potential minefield of threats. In a July 21 report, Gartner said it was seeing enough
evidence of increasingly debilitating and dangerous attacks that by 2025, cyber
attackers will have weaponized operational technology environments to successfully
harm or kill humans. The attack on the Oldsmar water treatment facility shows
that security attacks on operational technology are not just made up in Hollywood anymore.”
Voster concluded:
“The Triton malware was first identified in December 2017 on the operational
technology systems of a petrochemical facility. It was designed to disable
the safety systems put in place to shut down the plant in case of a hazardous
event. If the malware had been effective, then loss of life was highly likely. It
is not unreasonable to assume that this was an intended result, thus malware
has now entered the realm of Killware.”
A frightening target is hospitals:
Officials are concerned about the rash of ransomware attacks on hospitals, which had to divert patients and cancel or defer critical surgeries, tests and other medical procedures, as was the case in a nationwide cyberattack on Universal Health Services, one of the nation's largest health care providers, in September 2020.
In hospital hacks, patients could die or suffer life-threatening complications but it would be nearly impossible to find out unless medical centers willingly offered that information, said a senior DHS official speaking on the condition of anonymity because he was not authorized to discuss ongoing security concerns.
A year ago, the FBI, DHS, and HHS issued a warning alert about such attacks on hospitals, describing the tactics, techniques, and procedures used by cybercriminals to infect systems with ransomware for financial gain, saying: “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. CISA, FBI, and HHS are sharing this information to provide warning to healthcare providers to ensure that they take timely and reasonable precautions to protect their networks from these threats.”
Liability for loss of life:
Cybersecurity experts have begun warning government and
corporate leaders that they could be held financially or even legally liable if
breaches of computerized systems they oversee are found to have had a human
impact.
Who are the hackers?
DHS security officials would not comment on who might have been behind the Florida attack, including whether it was linked to a foreign power.
Several nations, including Iran, Russia and China, have
penetrated key elements of U.S. critical infrastructure, but there have been
few instances of them taking any action. Officials believe more and more
foreign governments and non-state actors are engaging in malicious
cyber-activity – sometimes together – in ways that make it
nearly impossible to attribute the attacks, or to determine whether they were
driven by profit, political motives or both.
In 2015, for example, an Iranian “hacktivist” group claimed
responsibility for a cyberattack two years earlier that gave it access to the
control system for a dam in the suburbs of New York.
In a criminal
indictment, the DOJ later said that seven Iranian hackers penetrated
the computer-guided controls of the dam on behalf of that country’s
military-affiliated Revolutionary Guard as part of a broader cyberattack
against 46 of the United States' largest financial institutions.
Cybersecurity
officials at DHS have long known: “That water facilities and other critical
infrastructure have been vulnerable for many, many years. What made this one
different in FL was that there was an intruder who consciously exploited
that vulnerability with malicious intent. It is also significant because it is
one of the few incidents where malicious cyber activity is crossing the line
and can actually threaten the lives of people for instance by increasing the
level of potentially toxic chemicals in the water supply.”
DHS told USA TODAY that a malicious actor attempted to change chemical mixtures to unsafe levels as part of the water treatment process at the FL plant and concluded saying: “A plant operator detected the changes and corrected the system before it affected the water supply. Independent of who was behind it, the fact that someone decided to exploit that vulnerability and was able to do it means that other attackers would be able to do it as well.”
My 2 Cents: Folks, this is very serious. Any hacker caught involved
in this new criminal act should quickly be tried and sentenced to a very long
time in prison… and if any death occurs due to their act, then the death penalty
must apply … this is a horrible new set of dangers we now face.
We have moved from Malware to Ransomware to Killware. Each step is worse than the one before: from damaging computers, to demanding large sums of money (ransom), to now possibly aiming at taking lives.
Also, if it's any foreign government or anti-ally involved – then that could be considered an act
of war and then we have a whole new set of issues, so stay tuned.
Thanks for stopping by.