Various strains of malware have been impacting the critical infrastructure in the U.S. and beyond. Especially that of critical utility providers. Perhaps the most high-profile example occurred in late 2015 when roughly 100,000 Ukrainians were left in the dark following an apparent breach of several of the nation’s top energy companies. Upon investigating, researchers have come up with multiple theories for exactly how the hackers orchestrated the attack. What we do know is that they remotely accessed breakers of several power plants. The Department of Homeland Security has also identified KillDisk (which wipes certain targets on disk drives) as playing a role in corrupting the master boot record, thereby “rendering systems inoperable,” according to Ars Technica.
We also know that the cyberattack on Ukraine’s power grid is arguably the most terrifying hack to date. The ability to knock entire regions of a nation off the grid introduces horrific potential for other types of crime, making it a matter of national security.
The worst part of it is that utilities continue to be impacted by cyberthreats.
The Dangers Compound
In late April, Lansing Board of Water & Light (BWL), a Michigan-based utility organization, had several systems knocked offline. These included the accounting department, the customer support line for outages, and email services for up to 250 employees. The culprit was ransomware – a specific strain was never named. According to the Lansing State Journal, the utility did not pay the ransom, but faced about $2 million in remediation expenses.
Ransomware and KillDisk are hardly the only threats.