Cyberattacks Crossing Into The Physical Realm

Ransomware. You’ve probably heard a lot about it over the last few months. You may or may not know what it is. It’s the reason why people went nuts about gas a couple of weeks ago. Regardless of your experience with it, it’s poised to become influential in our lives over the next few years.

First off, what is ransomware? This video does a good job of explaining in crash course style. Put simply; ransomware is an attack on your computer (personal, network, or systems). The attack locks (encrypts) your computer and all the information stored on it until you pay a ransom to unlock (decrypt) it. Ransomware finds its way onto your computer much like other computer viruses would. Worst of all, there is no guarantee that your computer will be unlocked after paying.

My biggest worry with ransomware and other hacks we have seen recently is the physical world implications of cyberattacks. While a computer network being lost due to a cyberattack is tragic, physical harm is much more dangerous. In the early days, military espionage such as Stuxnet, a U.S. program to attack Iranian nuclear research facilities or the 2015 Ukrainian electrical grid attacks. What was once government-level espionage has now become privatized criminal activity. In March of 2020, a Florida water system suffered a cyberattack in which chemical treatment levels were adjusted to harm consumers physically, “The intruder boosted the level of sodium hydroxide — or lye — in the water supply to 100 times higher than normal. Sodium hydroxide, the main ingredient in liquid drain cleaners, is used to control water acidity and remove metals from drinking water in treatment plants. Lye poisoning can cause burns, vomiting, severe pain and bleeding.”

The most prominent of such attacks of the physical-cyber interface was the recent Colonial Pipeline attack. Colonial was hit with ransomware locking up some of their computer systems and demanding payment. In an effort to control the ransomware (ransomware spreads much like a virus), Colonial shut down its unaffected systems to mitigate any possible damage should they not be able to recover locked files. In doing so, Colonial shut down one of the largest fuel pipelines on the east coast. They ended up paying a massive $4.4 million ransom to get their files back and let the fuel flow again.

The scary trend we are seeing is physical infrastructure systems in America, gas, water, etc., are being targeted by criminal actors with malicious intent. It is no secret that the U.S. infrastructure is not modernized enough, but the physical threats of our cyber world are here ready or not.

Such attacks are even more concerning as ransomware demands continue to rise. “The hundred-million-dollar ransom is coming, unless it already has and we just don’t know it.” Imagine the U.S. electrical grid being locked up by ransomware on the heels of a major winter storm battering the better part of the nation. You have paid your electric bill but don’t have power, and it’s five below zero. The only way to possibly get power back on is for the $100 million ransom to be paid.

Bonus points: The recent Colonial pipeline hack used ransomware designed to scan the networks to see if any Russian languages were installed on the network. If so, it would delete itself and move along with no harm. As someone with little technical experience, I wonder if this presents a vulnerability to exploit as a countermeasure somehow?

This is the book that got me interested in cybersecurity in the last few months. Highly recommend!

I have a terrible habit of becoming engrossed with a new topic each week. Here is my mind run amuck.