Several states across the nation are reviewing cyber security for critical infrastructure after the Burlington Electric Department found a laptop containing the Grizzly Steppe malware, which some attribute to Russian hackers. IT security experts from Tripwire and Plixer comment below.
Tim Erlin, Senior Director of IT Security and Risk Strategy at Tripwire:
“The Department of Homeland Security (DHS) report included ‘indicators of compromise’ specifically to allow other organizations to identify this malware and similar malicious activity. States and other organizations should use the indicators released by DHS to search their systems for evidence of the Grizzly Steppe malware. Malware is meant to be reused, so it shouldn’t be surprising to find evidence of this particular tool in other organizations. Actual attribution of an incident to a particular attacker isn’t as simple as finding a specific piece of malware. Attribution generally requires information about the tools, techniques and other behaviors of the attacker to be conclusive.”
Michael Patterson, CEO at Plixer:
“The attack on the Ukrainian power grid may have been just a test for a much larger planned attack on the USA. The air gaps on our military systems that were proposed by Donald Trump should be enforced on our nation’s utilities as well. Despite improvements in malware detection, defenses against computer viruses are falling short more than ever before. The new defense is investigation by collecting flow technologies such as NetFlow and IPFIX. These technologies allow security teams to play back malware traffic patterns similar to camera systems. Only then can we see how the malware got in, how it moved around the network, where it moved to and what else might be infected.”