This certainly puts all the personal energy and lifestyle data flowing from Smart Meters to utilities at risk of exposure and/or data corruption. At the same time, if these attacks can even accidentally corrupt data that controls nuclear power plants, for instance, or wireless network emission levels, and do it remotely, just as a hacker intentionally altered the controls for chemicals at a municipal water system, that is far, far more dangerous.
From Fierce Big Data
May 4, 2016 | By Pam Baker
Data breaches that result in stolen data are not the only threats organizations have to worry about now. Ransomware attacks are spreading across industries too. The latest on that front are attacks on electric and water utilities ranging from Israel to Michigan.
“The nature of a ransomware attack, where attackers encrypt the victim’s data until they pay, is not a direct threat to critical infrastructure systems. Ransomware attacks are based on the ability of the attacker to halt-and-release the victim’s data, which is less likely in physical systems,” said Itsik Mantin, director of security research at Imperva. “The main risk ransomware presents for critical infrastructure systems is an accidental one. Ransomware tends to corrupt all the data it finds, both locally on the infected machine and everywhere else on the network, regardless of whether the data is a picture of the user from his last vacation or a configuration file used by a critical system.”
Ransomware found its opening through a phishing attack on the Israel Electric Authority back in January. While the media freaked as if the attack took out that nation’s power grid, that’s not what happened, although given other forms of attacks on utilities, it might one day. But no, this was a case of ransomware, which Yuval Steinitz, the Israeli Minister of National Infrastructure, Energy and Water, said was “one of the largest cyber attacks that we have experienced.”
Now comes word that Lansing’s Board of Water & Light, in the State of Michigan, was similarly attacked. It began as a phishing attack on April 25th and led to the authority keeping systems, including phone servers, locked down until Monday.
“Despite the controls on the perimeter and on endpoints, security officers should assume that the attacker will make it in, one way or another, either by compromising a user’s endpoint or when the attacker is the user himself,” said Mantin.
“Like most of the threats on the enterprise, ransomware attacks focus on the business critical data and can be effectively mitigated by having security controls protecting the places where the data is stored: databases, files or cloud applications, and over the applications through which it is accessed.”
So, what does ransomware mean in terms of ultimate threats to utilities?
While ransomware attacks on utilities seem to be picking up steam and are hurting the organizations they hit, let’s not forget that other threats loom large too. One example: the recent Iranian hacktivist group that seized the control system for a dam in New York, “an intrusion that one official said may be ‘just the tip of the iceberg,’” according to an NBC News report.
One point all these breaches bring home is that organizations must make serious moves in protecting data now, before something worse happens. Data is the alpha and omega of our existence now.
Posted under Fair Use Rules.