Cybersecurity Tips & Tricks: How can critical infrastructure be targeted by malware?

Tony Anscombe

Do you know how attacks on national critical systems could also represent a threat to your business?

The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids and other nationally critical systems.

This has ranged from the 2010 Stuxnet malware attack on the Iranian nuclear facility to separate attacks on Ukraine’s power grid with Black Energy in 2014, Grey Energy in 2015 and ultimately Industroyer in 2016, which featured malware able to directly control electricity substation switches and circuit breakers.

Of course, the most infamous examples of malware impacting critical infrastructure may be the WannaCryptor and NotPetya attacks in 2017. The WannaCryptor ransomware attack utilized an exploit known as EternalBlue, which was thought to have originally been developed by nation state intelligence services, and provoked large-scale disruption of transport, health services and other critical services globally. NotPetya led to similar disruptions as businesses along various supply chains were either impacted by ransomware or broke contact with their business partners in an effort to avoid contagion. Interestingly, the wide scale of these threats also challenged people's perceptions of what constitutes critical infrastructure.

In light of these past attacks, you may be wondering how this affects your business, considering that these are examples of large-scale attacks. However, what if more amateur cyber criminals can get hold of exploits and malware created by nation states to attack infrastructure, just as they used EternalBlue with WannaCry? Targeted attacks on more localized services such as a building’s power or HVAC system could become a reality, especially if cyber criminals see an opportunity to monetize and hold companies to ransom through a cyber attack.