sb-nz logo
Story image

Disruptionware emerges as newest and nastiest cyber threat

What’s being dubbed as ‘disruptionware’ is emerging as the newest and nastiest cybersecurity threat, according to new research.

Forescout and ICIT research has identified the rise of disruptionware and its threat to particularly operational technology environments.

The report published by the pair explores how the nature of cyber attacks is changing. For instance, while the traditional concept of malware damaging operations for monetary gain, a breed of attacks that are still very present, disruptionware is wreaking havoc in networked industrial control system (ICS) and operational technologies (OT) environments.

More specifically, manufacturers, transport firms and energy companies are most at risk as attackers are targeting industrial equipment to impact productivity.

The research examines the attack patterns targeting critical industry sectors including ransomware, disk-wiping malware and similarly disruptive malicious code.

It found that bad actors without extensive technology know-how are targeting industrial equipment with inadequate protection mechanisms to suspend operations, disrupt continuity and disseminate deliverables in order to target productivity rather than extract money for financial gain.

These low sophistication attacks are becoming increasingly consequential to the operator community, the report finds.

For instance, in March 2019 Norsk Hydro, one of the largest aluminum producers in the world, disclosed that some of their systems had been infected by LockerGoga ransomware, affecting their operations worldwide.

Norsk declined to pay the ransom and instead engaged its incident response procedures and reverted to backup and redundancy infrastructure but, nevertheless, a week after the attack it estimated its losses at $40 million despite reporting a full recovery.

“We see many of these challenges first-hand at Forescout because we support many of the worlds largest ICS and OT-dependent organisations,” commented Ryan Brichant, the company’s CTO for Critical Infrastructure, ICS and OT.

“Our team understands that in the world of pipelines, factories and power plants, digital hazards consist of much more than just malicious intruders any type of outage or disruption, even if due to false-positives or errors, still causes harm.

"But there is common ground that can be found under security and modernisation as these disruption-sensitive industries push toward new software and connectivity technologies," Brichant says.

The researchers also idenfitied what companies need to focus on to better protect themselves, including planning for and implementing security-by-design controls, developing an incident response plan, increasing device visibility across the converged IT/OT environment and segmenting networks.

Story image
ForgeRock appoints new execs to lead IAM growth
“Identity and Access Management is foundational to a modern security architecture especially now as we are experiencing a paradigm shift towards Zero Trust."More
Story image
Internet infrastructure strained as demand for servers surges 30%
Internet service providers are extending data caps to meet the newfound reliance on the network, however, some experts express uncertainty concerning internet infrastructure’s ability to keep up with the rapidly growing demand.More
Story image
It’s time for firms' cybersecurity credentials to take centre stage
leading enterprise database was also used to identify whether each company had a chief information security officer (CISO) or a chief security officer (CSO). The results proved extremely interesting…More
Story image
Organisations take cloud-first approach to security, though concerns remain
"While the results of this survey show that some security professionals still have concerns, having visibility into cloud services is vital and many organisations are now taking a cloud-first approach to security.”More
Story image
Phishing cases explode as attackers prey on coronavirus fears
Attackers, ever the opportunists, are capitalising on COVID-19, pushing phishing lures and establishing newly-registered coronavirus-related domains.More
Story image
How our publisher harnessed machine learning to overhaul Techday websites
Our publisher, Sean Mitchell, went to CoderSchool in Ho Chi Minh City to learn how to implement machine learning into Techday.More