Deaths From Cyber Attacks

Uploaded on 2018-06-15 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Production-Utilities, BUSINESS-Production-Energy

The ability of cyber threats to compromise information systems is an ongoing danger to all organisations, however, an emerging threat presents a new challenge, cyber attacks that may cause physical harm to systems and persons. This threat has become acute for certain sectors such as critical infrastructure.
 
Historically, cyber attacks seek to harm a target by either causing disruption of a system or covertly entering to commit espionage or data theft. Recently, a new cyber attack has evolved to harm targets by causing physical damage or corruption of a system.
 
For example, in 2016 one piece of malware targeted Ukraine’s power grid and cut power to 20 percent of the capital. The attack occurred toward the end of winter and left residents without electricity, lights, and, in some cases, heat. It involved malware that could activate or deactivate controls, and, as the attack was unfolding, it became clear that it was engineered for maximum effect because it also took back-up power sources offline.
 
Another significant event occurred in August 2018, when cyber-criminals breached the security of a petro-chemical plant in Saudi Arabia in an attempt to manipulate and sabotage the plant’s operations. 
 
Though unsuccessful at causing an explosion, investigators believe that the attack was intended to cause a catastrophic event. While the attack failed in this instance, investigators raised the alarm that the compromised system is utilised by thousands of critical infrastructure operators globally and is an ongoing vulnerability. Also in the case of the Saudi Arabia hack, investigators concluded that the hackers custom-built nearly all their tools, and could do so, because they were able to obtain a copy of the critical software from eBay. 
 
This suggests the hackers were funded and possibly affiliated with a state actor. Undoubtedly, this has generated concerns about the increased use of commercial off-the-shelf (COTS) software.
 
Adding to this is a resurgence of cyber criminals specifically targeting the energy sector. One group, Dragonfly, has launched several high-profile and concerted attacks against the energy sector. To date the group has mostly been involved in cyber-espionage, but security firms believe that the group possesses the technical tools and capability to physically compromise a system. 
 
For many observers, these attacks marked a turning point for infrastructure companies; they show that hackers are not only motivated and bold enough to launch attacks on infrastructure that jeopardise the wellbeing of individuals, but sophisticated enough to be successful. 
 
Moreover, the technologies involved in these attacks are ubiquitous and many are integral to traffic control systems, waterworks systems, and electricity supply networks. And, as clear in the Saudi Arabia attack, COTS software opens the door for cyber-criminals to purchase identical software in order to learn how it works so as to discover and exploit vulnerabilities.
Despite the advanced capabilities of hackers, organisations can take steps to protect themselves. For example, organisations can remediate vulnerabilities in COTS software through solutions designed to scan software and identify flaws. 
 
This attenuates concerns about hackers obtaining software and exploiting existing flaws because system glitches are routinely identified and remediated. Moreover, organisations need to recognise potentially malicious activity on their systems, such as repeat remote access requests, system activity at unusual times, and access request from harmful domains.
 
Unfortunately, it is likely that attacks that aim to physically interfere with software or security systems will only increase in the future. 
 
To combat this growing threat, organisations can take several steps:
 
Security By-Design: When developing smart infrastructure, organizations should design it not just with security to prevent intrusions, but to minimize damage in the event of a compromise. For example, should certain critical software be custom-designed to prevent easy analysis by hackers? Can physical, manual, and programmatic fail safes be included to prevent malicious events?
 
Enhanced Training: Companies should also strongly consider training board members and staff, including employees in non-technical departments, and those trainings should be tailored to employees’ responsibilities. For instance, board training should focus on the importance of investing in cyber-security and keeping the board appraised of liability risks posed by cyber threats. Likewise, non-technical employees should receive training on how to detect cyber threats, recognise common attack tactics like phishing emails, and most importantly what to do in the event of a suspected attack.
 
Cyber Insurance: Also a consideration for organisations is whether their insurance policies cover this type of harm. Cyber insurance typically contemplates coverage for unauthorised disclosure of personal or confidential data and does not necessarily factor in damage to persons or real property. Therefore, infrastructure and energy companies should confirm whether they are covered should they experience this type of attack
 
Cyber-security is an evolving threat that requires companies to adapt. 
 
There is no question that cyber threats will continue to grow more sophisticated and potentially, more dangerous. Therefore, it is imperative that organisations begin taking preventative measures now, especially when it comes to protecting systems that can affect the physical safety of a system.
 
Ultimately these conversations are better had before, rather than in the aftermath, of an attack.
 
New York Law Journal:
 
You Might Also Read:
 
US Accuses Russia Of Attacking Energy Infrastructure:
 
Attacks On UK Critical Infrastructure Will Double:
 
« GDPR Isn’t Enough Protection In An Age Of Smart Algorithms
New Website Design & Function. »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

Datto

Datto

Datto delivers a single toolbox of easy to use products and services designed specifically for managed service providers and the businesses they serve.

Telspace Africa

Telspace Africa

Telspace Africa provide the highest level of IT security solutions including advisory, penetration testing, vulnerability assessments, red teaming, social engineering and training.

Mitchell Sandham

Mitchell Sandham

Mitchell Sandham is an, independent insurance and financial services brokerage. Business products include Cyber/Privacy Liability insurance.

Datacom Systems

Datacom Systems

Datacom Systems is a leading manufacturer of network visibility solutions.

Red Canary

Red Canary

Red Canary continuously monitors and analyzes your endpoints, users, and network activity in search of threatening behaviors, patterns, and signatures.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

Comcast Business

Comcast Business

Comcast Business keeps businesses ready for what’s next with powerful connectivity, advanced cybersecurity solutions, and the right people at your side.

Ridge Security

Ridge Security

Ridge Security enables enterprise and web application teams, ISVs, governments, education, DevOps, anyone responsible for ensuring software security to affordably and efficiently test their systems.

MS Tech Solutions

MS Tech Solutions

MS Tech Solutions is a Jamaican-based, multinational consulting company that specializes in the architecture, implementation and management of key network and Information technologies.

CYBHORUS

CYBHORUS

CYBHORUS are a team of Italian cyber security experts, specialized in cyber threat defense and strategic and organizational consulting.

Telit Cinterion

Telit Cinterion

Telit Cinterion is a global enabler of the intelligent edge providing highly secure IoT solutions, modules and services.