January 27, 2017 Marketing

CyBlog: This Week in Cyber Security

This week in the world of cyber, the top predictions of what will be trending in 2017 are flooding the web. Talks of industry and utility hacks, scares of increasingly complex malware attacks and pleads of a more stringent cybersecurity system are more prevalent than ever.

Surprise! Your Operational Technology is connected to the Internet

Discussions of the Ukraine power grid hack have been continuing in the news since before the holidays, with constant updates on the follow-up attack and how they’re connected, as well as what this could mean for the industrial and utility world as thousands were left without power.

Kiev (pictured here) is the capital of Ukraine, a victim in one of multiple malware attacks on their power grid.

Kiev (pictured here) is the capital of Ukraine, a victim in one of multiple malware attacks on their power grid.

Security Week, an internet and enterprise security news and analysis publication, predicts that cyber extortion will further target utility plants due to industrial network air-gaps. This makes it easy for cyber attackers to infiltrate SCADA and ICS systems, and possibly PLCs.

The publication also says that due to the increase in interest of interconnectivity and lack of protection within systems, ICS networks are becoming more complex and more exposed to external threats.

Read more on assessing your SCADA system and the upgrading process in our free white paper. 

Cybersecurity and Malware in the World of OT

With the growing and continuing risk of ransomware infiltrating company systems, cybersecurity is even more of a hot-topic for companies than it was in 2016.

ransomware

A possible pop-up screen after malware has distributed into a system.

eWeek, a news publications specializing in the IT industry analysis and technology news,
reported that co-founder and CEO of Keeper Security Darren Guccione predicts small and medium-sized businesses will be more at risk for cyberattacks and data breaches in 2017.

Ransomware isn’t going away. In fact, it’s going to get more effective as hackers become better at embedding the viruses into emails through phishing, a fraudulent practice of sending emails within a company in an effort to steal personal and company information.

As a result, he recommends increasing investment in security defenses to be protected against these increasing threats.

Another prediction from eWEEK is hacks will be getting increasingly more complex. Rather than just single threat vectors, hybrid attacks will be more common. What does this mean? Hackers will be able to infiltrate your system, and then hide their tracks. By using a combination of phishing to deliver malware and then launching a Denial-of-service (DDoS) attack, the system is disrupted and suspends all services connected to the internet. This compromises various systems and is often infected using a Trojan virus — a type of vicious malware disguised within a user system as software.

Lansing

Cybercriminals hacked into and compromised a utility in Lansing, Michigan, at the end of 2016.

Watch our on-demand webinar on securing your operational technology.

The Dangers of Outdated Operational Technology

Speaking of DDoS attacks, Lloyds Banking Group, Britain’s largest mortgage lender, was hit with a viral attack on Jan. 11.

According to Reuters, the bank was “bombarded” with copious amounts of traffic from various systems to overloaded the server. This resulted in temporarily freezing customers out of access to their online accounts.

This comes just months after Britain’s first large cyber bank heist in November when Tesco Banking was hacked. Hackers took funds from 20,000 accounts, and the bank halted all online transactions, and amounted to 2.5 million pounds, or $3 million, in losses.

Shortly after, the European Union (EU) decided it was necessary to boost security and is considering an EU-wide stress test within the industry.

Unfortunately, EU banks “rely on a digital infrastructure that is rigid and outdated,” according to Reuters, and is considering new technologies in an effort to boost security.

Is your SCADA system outdated? Using outdated technology can be extremely harmful towards your internal infrastructure and leaves you at a greater risk for cybercrime.

Tagged: , , , , ,