
Disruptionware emerges as newest and nastiest cyber threat

What’s being dubbed as ‘disruptionware’ is emerging as the newest and nastiest cybersecurity threat, according to new research.

Forescout and ICIT research has identified the rise of disruptionware and its threat, particularly to operational technology environments.

The report published by the pair explores how the nature of cyber attacks is changing. For instance, while the traditional concept of malware damaging operations for monetary gain is a breed of attack that is still very present, disruptionware is wreaking havoc in networked industrial control system (ICS) and operational technology (OT) environments.

More specifically, manufacturers, transport firms and energy companies are most at risk as attackers are targeting industrial equipment to impact productivity.

The research examines the attack patterns targeting critical industry sectors including ransomware, disk-wiping malware and similarly disruptive malicious code.

It found that bad actors without extensive technology know-how are targeting industrial equipment with inadequate protection mechanisms to suspend operations, disrupt continuity and disseminate deliverables in order to target productivity rather than extract money for financial gain.

These low-sophistication attacks are becoming increasingly consequential to the operator community, the report finds.

For instance, in March 2019 Norsk Hydro, one of the largest aluminum producers in the world, disclosed that some of their systems had been infected by LockerGoga ransomware, affecting their operations worldwide.

Norsk declined to pay the ransom and instead engaged its incident response procedures and reverted to backup and redundancy infrastructure but, nevertheless, a week after the attack it estimated its losses at $40 million despite reporting a full recovery.

“We see many of these challenges first-hand at Forescout because we support many of the world’s largest ICS and OT-dependent organisations,” commented Ryan Brichant, the company’s CTO for Critical Infrastructure, ICS and OT.

“Our team understands that in the world of pipelines, factories and power plants, digital hazards consist of much more than just malicious intruders; any type of outage or disruption, even if due to false-positives or errors, still causes harm.

"But there is common ground that can be found under security and modernisation as these disruption-sensitive industries push toward new software and connectivity technologies," Brichant says.

The researchers also identified what companies need to focus on to better protect themselves, including planning for and implementing security-by-design controls, developing an incident response plan, increasing device visibility across the converged IT/OT environment and segmenting networks.
