This Just In! - News, X-Pert Advice

New Ransomware Target Identified

Four Marketing Pillars to Build a Business, Compromised Email Accounts Revealed, scammers, New Ransomware Target Identified, Networking Etiquette

New Ransomware Target Identified – Municipal Water Treatment Facilities

Industrial Control Systems, such as those that control municipal water treatment systems, air filtration systems, elevators and other similar equipment may become the latest ransomware target.

Hacking into control systems is nothing new.  The infamous Stuxnet virus was specifically created to identify and sabotage the Programmable Logic Controllers (PLC’s) that regulated the speed of centrifuges in Iran’s nuclear facilities.  This virus led to the destruction of several centrifuges, setting back the efforts of that nation’s quest towards nuclear capability.

Fast forward a few years, and the motivation for taking over control of critical devices has become financial rather than political.  The latest scourge to be effectively deployed by criminal enterprises is ransomware.

While ransomware has traditionally been used to scramble critical business data until a ransom is paid, researchers at Georgia Technical Institute have created a proof-of-concept attack that could be used to compromise critical command-and-control systems by interrupting or altering the normal operation of the PLC’s built into those systems.

Many people believe that such critical systems, due to security concerns, are not accessible via the internet. However, any system that includes remote monitoring capability, or even a mechanism to communicate with adjacent data processing or data logging equipment could be targeted by the same types of ransomware attacks that have previously been aimed at business and personal users.

If your company uses or produces equipment controlled by PLC’s you should ensure you have a plan to monitor and regulate access to the control logic, and enforce the use of effective security controls to limit both physical and computer access to those systems – lest you become a ransomware target.

Jack Eisenberg is the owner of Safe and Secure Computing and regularly monitors cyber security developments such as this one initially reported by Tech Republic.