Cybersecurity researchers have revealed the development of a new, custom form of ransomware targeting industrial systems (SCADA). The malware and subsequent attack on a simulated water treatment plant were designed to highlight how cyberattackers could disrupt key services which cater for our critical needs, such as energy providers, water management utilities, heating, ventilation and air conditioning (HVAC) systems or escalator controllers. IT security experts from NSFOCUS, AlienVault, ESET and Nozomi Networks commented below.
Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS:
Javvad Malik, Security Advocate at AlienVault:
In that regard, it is no stretch to imagine attacks against SCADA systems are on attacker wish-lists. However, many attackers will be concerned about the level of scrutiny such an attack could place on them. Many ransomware attackers are cybercriminals wanting to make some money in an easy manner, and probably don’t want the attention associated with being labelled a ‘cyber’ terrorist or having declared an act of war.
Another reason why we possibly haven’t seen such attacks is that SCADA systems have typically been segregated and not publicly accessible. However, there are several factors that indicate that the likelihood of such an attack will increase over time. The scope of what is deemed critical national infrastructure is ever-increasing. There is an increased reliance on the internet to keep systems running which results in more systems being exposed. There is also the drive towards ‘smart cities’ which will further expose critical systems to the public internet. What this means is that even if attackers can’t compromise SCADA systems directly, they can likely compromise systems that SCADA rely on, thus having a similar effect.”
Mark James, IT Security Specialist at ESET:
Edgard Capdevielle, CEO at Nozomi Networks:
“For years security experts have warned that industrial control systems (ICS) and their components, such as PLCs, are susceptible to many of the same threats faced by other organisations – this research proves that reality, this time thankfully without endangering lives. Without wishing to be dramatic, human safety is a risk should these systems be breached. Water, power, energy, and transportation systems are all operated by similar technologies, ones that have historically been hard to protect, and hackers have already turned the lights off in the Ukraine.
“Fortunately innovations in machine learning and anomaly detection are being applied that can help monitor and protect ICS systems, such as the PLCs used in this demonstration. The question that remains is whether experiments by research teams will be enough to demonstrate the potential attacks aimed at critical infrastructure and drive broad adoption of these new technologies that will help keep us all safe.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.