US Homeland Security Secretary: next big cyber threat is killware

The emergence of ransomware as a very real threat to business has been well documented this year, but a potentially more serious threat has now been flagged which could have even more worrying repercussions for public and private sector organisations: killware.

The new threat comes as malicious cyberactivity is now crossing the line and can actually threaten the lives of people, according to warnings from the US Homeland Security Secretary Alejandro Mayorkas.

Speaking to USA TODAY, Mayorkas (below) revealed that there had been an attempt to hack the system of a Florida water treatment plant.

“There was a cyber incident that very fortunately did not succeed,” he said. “And that is an attempted hack of a water treatment facility in Florida, and the fact that that attack was not for financial gain but rather purely to do harm.”

That attack on the Oldsmar, Florida, water system in February was intended to distribute contaminated water to residents, “and that should have gripped our entire country,” Mayorkas suggested.

The Oldsmar intrusion is believed to be just the latest example of how malicious hackers are increasingly targeting critical nation infrastructures, including hospitals, water supplies, banks and police departments, in ways that could cause serious harm or even lead to loss of human lives.

This summer, respected Stamford-based technology research and consultancy practice Gartner said in a note that “the attack on the Oldsmar water treatment facility shows that security attacks on operational technology are not just made up in Hollywood anymore”.

“The world has seen real incidents where events originating in the digital world had an impact on the physical world,” it added, going on to spell out the extent of the malicious threat now facing organisations:

“Many of the attacks we see in the news these days are related to ransomware. The operational technology environment is not often the prime target of the ransomware – it is more like collateral damage. Unfortunately, we also see more and more attacks on operational technology environments where the operational technology is not the objective of the attack, but the means. The actual objective of the attacker is to cause harm to humans by using killware in an operational technology environment. This can be a chemical plant, an air traffic control system, a dam or anything similar.”

Worryingly, Gartner suggested that it is now “just a matter of time” before killware will have claimed its first victim, and that it is likely that by 2025 operational technology environments will have been weaponized to successfully harm or kill humans.

Mayorkas’s voice is not a lone one. US officials are reportedly increasingly concerned about ransomware attacks on hospitals, which have had to divert patients and cancel or defer critical surgeries, tests and other medical procedures, as was the case in a nationwide cyber-attack on Universal Health Services,  one of the largest US health care providers, in September 2020.

“There was a cyber incident that very fortunately did not succeed, and that is an attempted hack of a water treatment facility in Florida, and the fact that that attack was not for financial gain but rather purely to do harm.”

Alejandro Mayorkas, US Homeland Security Secretary 

Follow us on twitter: @risksEmerging

MobaXterm Professional Edition v21.5.0.4826 Full Activated – Discount 100% OFF https://www.dr-farfar.com/mobaxterm-professional-edition/ #infosec #bugcrowd #bugbountytips #bugbountytip #CyberSecurity #100DaysOfCode #Malware #CodeNewbie #BugHunter #Javascript via @3XS0

Angry employee stole his company’s data, blackmailed the bosses https://cyberiqs.com/angry-employee-stole-his-companys-data-blackmailed-the-bosses-and-dropped-their-stock-by-20-best-example-of-insider-threat/ #infosec #infosecurity #cybersecurity #threatintel #threatintelligence #hacking #cybernews #cyberattack #threathunting #cloudsecurity #cloudcomputing #malware #ransomware #devops #dfir #cyber

An automated solution for background screening of candidates?
We're here. 😉

#MachineLearning #DataScience #5G #100DaysOfCode #Python #Cybersecurity #BigData #AI #IoT #DeepLearning #ArtificialIntelligence #NLP #robots #Industry40 #tech #DEVCommunity
#javascript #TechnoSupport https://twitter.com/HungLee/status/1462711663904362500

Hung Lee@HungLee

'Negative Content' Breakdown

Out of 9708 sampled job seekers who underwent social media background screening (with consent), instances of negative content was distributed as follows 👇

Sexism in the lead, followed closely by Homophobia

USA best quality service http://Usatopservices.com
#buy_google_reviews
#buy_google_5_star_reviews

#pokemon #blacktechtwitter #Cybersecurity #usatopservices #infosec #100DaysOfCode #node #nodejs #coding #js #angularjs #reactjs #tech #javascript #html #womenwhocode #301DaysOfCode

Uganda launches road-building in Congo to boost trade http://reut.rs/3pwWOO2

Former GOP Sen. David Perdue plans to announce Monday that he's mounting a primary challenge against Georgia Gov. Brian Kemp, multiple reports say https://cnn.it/3InqRAj

17 Malware Frameworks Target Air-Gapped Systems for Espionage |
#cyberdefense #cybersecurity #infosec #informationsecurity #datasecurity #insiderthreat #vulnerabilitymanagement #devsecops #endpointsecurity
https://www.securityweek.com/17-malware-frameworks-target-air-gapped-systems-espionage

Didi Global shares plunge more than 20% on plan to delist from NYSE

https://www.business-standard.com/article/international/didi-global-shares-plunge-more-than-20-on-plan-to-delist-from-nyse-121120400065_1.html

#cybersecurity #infosec

Load More...
SHARE: