• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » Why ransomware is the biggest threat to our critical infrastructure

Why ransomware is the biggest threat to our critical infrastructure

by Neil C. Hughes
3 December 2020
in Security
0
Opened red ransomware button on laptop with ladder going out

© Shutterstock

10
SHARES

Many currently manage their home heating, lighting, and entertainment using their smartphone or voice. Over the next decade, almost every new appliance will have a permanent connection to the internet. The digital transformation of everyday life can be found in everything from toasters to doorbells. 

With a smartwatch strapped to our wrists monitoring our heart rate and a smartphone in our hand tracking our every communication, and location in real-time, many are already fully subscribed members of the connected lifestyle. As businesses and authorities race to keep up with our rising expectations, they could be introducing more problems than solutions to our lives.

The end of moving fast and breaking things

The problem with Silicon valley’s mission to move fast and break things is that it fails to identify the serious consequences it creates along the way. Businesses that still have the scars from fighting BYOD and shadow IT can now be seen battling the threats that IoT devices have brought to their corporate network.
However, the problems at hand are even bigger than social impact, ethical responsibilities, and protecting businesses from being a hostage to ransomware. We are only just beginning to understand the creation of dangerous or deadly situations caused by bringing our critical infrastructure online.

It’s no longer just about the smart home. We are now moving towards smart cities.

When bringing everything online, are we unwittingly creating vulnerabilities to our critical infrastructure and where we live?

Ryuk ransomware targets hospitals

Hospitals are increasingly battling cyberattacks that threaten patient care at a time of increased COVID-19 hospitalizations. A computer virus has already been blamed for a patient’s death in Germany. Unscrupulous cybercriminals can target everything from MRI machines, ventilators, and even connected microscopes.

In a pre-covid world back in 2017, it was the WannaCry ransomware attack that became a global epidemic. More than 400,000 machines were infected across at least 150 countries, costing around $4 billion. Ryuk followed and first appeared in August 2018, but it was based on an older program called Hermes and it has continued to evolve in a virtual game of cat and mouse with security firms.

The delivery method of Ryuk came in the form of phishing emails that contained links to infected Google Drive documents. Unsuspecting users would then install malware onto their machine. But attacks continue to switch tactics and inevitably pivoting away from Google drive-hosted files would make it difficult for businesses to keep up with new methods of delivering an attack.

Ryuk is reportedly behind one-third of all ransomware incidents this year, with a staggering 67.3 million attacks and one victim even paying a $34 million ransom.

In October, the FBI warned the healthcare industry that ransomware such as Ryuk is still actively targeting the entire public health sector. 

Critical infrastructure under attack

The Cybersecurity & Infrastructure Security Agency (CISA) reported that sixteen sectors, including government facilities, nuclear, transportation, and water systems, are targets for attackers. Threats are increasing in parallel with our increased dependency on remote working and IoT devices.

Plunging cities into darkness became a reality when an attack was performed on a Ukrainian power grid back in 2015. More recently, in the US, a natural gas operator was forced to shut down after being infected by ransomware. Once again, a combination of phishing emails and security lapses enabled attackers to pivot from the facility’s IT network to the facility’s OT network.

The US maritime transportation facility and two cities in Florida were also held hostage by ransomware.

But this is just the tip of the proverbial iceberg.

As global tensions rise, state-sponsored cyberattacks on governments will continue to exploit national infrastructure vulnerabilities and run the risk of becoming the norm.

A much-needed wake-up call

The challenges are now much more serious than the feeling that your smart home has betrayed you. According to Microsoft, many businesses squeezed two years of digital transformation initiatives into just a few months this year. Entire cities and nations are only just waking up to the vulnerabilities created by moving fast without considering the security implications ahead. 

Predictably, the critical infrastructure protection market is expecting exponential growth over the next five years. But where do we go from here? Many have unwittingly created a much larger threat surface in rushing in, which has also created unintended consequences and vulnerabilities.

We know that the preferred delivery method of attack is typically through infected links, websites, and email attachments. Businesses and those managing critical infrastructure need more than a box-ticking exercise every 12 months to meet compliance requirements. Continuous education is essential in the protection from security breaches and cybercrime.

Will accepting that state-sponsored cyberattacks are one of the biggest threats in 2021 be enough to finally banish the myths associated with ransomware? By building a security-conscious culture combined with reactive and proactive countermeasures, leaders can begin to remove vulnerabilities in a digital world that is continuously under attack.

Share10TweetShareShare

Related Posts

Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Covid-19 vaccine

Covid vaccines are now an excuse to launch phishing attacks

22 January 2021
MyFreeCams data leaked on hacker forum

MyFreeCams hack: 2 million user records stolen from top adult streaming site and sold on hacker forum

21 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Next Post
EU urges online platforms to gird for new wave of COVID consumer scams

IBM warns hackers targeting COVID vaccine 'cold chain' supply process

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    83034 shares
    Share 83024 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Bitcoin emergence as ‘digital gold’ could lift price to $146,000, says JPM

    56 shares
    Share 56 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    69 shares
    Share 69 Tweet 0
  • How to deactivate or delete your Facebook account

    0 shares
    Share 0 Tweet 0
Teespring data leaked on hacker forum

8+ million Teespring user records leaked on hacker forum

25 January 2021
Italy consumer association sues Apple for planned iPhone obsolescence

Italy consumer association sues Apple for planned iPhone obsolescence

25 January 2021
Google on laptop and mobile

Google vs Australia: The Battle of the Precedents

25 January 2021
Makers of Sophia the robot plan mass rollout amid pandemic

Makers of Sophia the robot plan mass rollout amid pandemic

25 January 2021
Elon Musk

Elon Musk to offer $100 million prize for ‘best’ carbon capture tech

22 January 2021
Is there life on Mars?

Is there life on Mars?

22 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!