Saturday, June 29, 2024

Killware is the Next Big Cybersecurity Threat

By Brian Erickson, Vice President of Strategy and Solutions at Vidoori and Retired U.S. Navy Captain

Today’s battlefield has expanded into a digital environment, and its impact affects government agencies as well as the general population. America’s enemies now aim to gain access to sensitive information, disrupt critical infrastructure, or impede the mobility of our troops.

As the battlefield continues to evolve, so do attack types. Phishing attacks, voice bot scams, and crypto-ransomware are examples of how the world of cyberattacks has evolved in recent years.

As these attacks become more complex, new legislation has emerged to defend against them. For example, President Biden’s May Executive Order and the new Zero Trust Cybersecurity Reference Architecture from the Defense Information Systems Agency (DISA) and the Department of Defense (DoD) demonstrate efforts to mitigate and respond to these threats.

But with large-scale ransomware attacks such as Colonial Pipeline and SolarWinds targeting our nation’s critical infrastructure and putting the lives of our citizens at risk, cybercriminals are already showing a willingness to scale ransomware attacks to previously unheard-of levels.

This new type of ransomware attack, which US Department of Homeland Security (DHS) Secretary Alejandro Mayorkas has called “killware,” targets people’s physical safety and can even take lives.

The dangers of killware

Unlike malware and ransomware, killware is defined by its outcome: it is purposely designed to target the health of victims and cause real harm or death.

The Gartner blog post “The emergence of deadly malware and killware” predicts that by 2025, cybercriminals will have weaponized operational technology (OT) environments capable of intentionally and successfully killing people.

As our reliance on digital resources increases, so does the potential for cyberattacks. And as the cyber-physical world evolves with the Internet of Things, smart buildings/cities, and autonomous vehicles, events in the digital world will have an even greater impact on the physical world. According to Gartner, the projected monetary impact of cyber-physical systems attacks will reach over $50 billion by 2023.

However, our critical infrastructure is currently the most vulnerable killware target. Compromising systems and service providers such as hospitals, water and waste providers, power grids and dispatch operations in a killware attack can cause personal injury or death.

These malicious cyber activities have already begun. In October, the Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, the Environmental Protection Agency, and the National Security Agency issued a joint advisory highlighting attempts to compromise the system integrity of US Water and Wastewater Systems (WWS) Sector facilities. This advisory represents a bigger challenge as cyberthreats continue to increase across all critical infrastructure sectors.

A military matter

The term may be unfamiliar, but the intended consequences of killware are nothing new to the military. Enemies have been targeting defense systems for decades, disrupting communications and endangering the lives of our troops.

Historically, adversaries’ tactics, techniques, and procedures (TTPs) are as diverse as individual choices in car purchases and depend on the desired outcome. If the purpose of the attack is to gain money, the attacker uses ransomware. If attackers simply want to disrupt operations, malware intrusions against OT systems such as Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) may be the tactic of choice. Stuxnet, a computer worm first discovered in 2010, is one of many examples of malware designed to attack these systems.

However, as killware attacks become more prevalent, our defense agencies must evolve to ensure the safety and security of our national and international combatants. 5G, future 6G and the Internet of Things (IoT) introduce a whole new set of rules under which non-kinetic behavior can have catastrophic consequences.

The most effective way to defend against these threats is to develop and deploy a zero trust architecture (ZTA) throughout the enterprise. An effective ZTA is described in a recent report from the Office of Management and Budget, the Draft Federal Zero Trust Strategy. A ZTA creates a trusted environment and, depending on the technology used, can provide IP cloaking that prevents enemies from attacking what they cannot see.

ZTA is a solution that can be used by any institution and in any environment. Networks can have unique qualities depending on their capabilities and systems, but all networks have the same basic requirements (power, space, cooling, processor) to operate as a combination of ones and zeros. Because of these similarities, good cyber hygiene that addresses all major security concerns can be applied across sectors, from federal to DoD to commercial and institutional.

The current administration and legislators understand this potential and have prioritized cybersecurity by allocating approximately $2 billion in funding for cybersecurity in the recently passed infrastructure bill and announcing a set of zero trust guidelines. The new infrastructure legislation also includes funding for state and local cyber grant programs and more than $100 million in cyber response and recovery funds.

The DoD and DISA are also making great strides to solidify cybersecurity, creating a new Zero Trust Security Portfolio Office and a Zero Trust Cybersecurity Reference Architecture to share guidance across agencies.

What does the future hold?

Going forward, the DoD and defense agencies must continue to combat this new threat by implementing a comprehensive ZTA, recruiting and retaining cyber talent, educating staff on effective cyber hygiene, and continuously evaluating systems through proactive testing and integration.

Organizations must have organic staff trained in hacking and cybersecurity skills to routinely test networks using past and present TTPs. The key to successful network protection is staying on the defensive and thinking strategically to predict where future attacks from any given technology (6G, exascale and quantum computing, hyperconverged drone warfare) will come from.

As cyberthreats continue to evolve and killware becomes a DHS concern, the federal government must use the lessons learned from the DoD to stay ahead of its enemies. Continuing to make cybersecurity a legislative priority and taking a forward-looking approach to defense and attack tactics is critical to protecting critical infrastructure from lethal attacks.

About the author

Brian Erickson is Vice President of Strategy and Solutions at Vidoori.

In this role, he oversees the company’s West Coast operations and brand expansion. Prior to joining Vidoori, Brian served 26 years as a Senior Naval Officer (Captain/O6) in the aviation and information warfare community.

Brian holds a BA in Economics from San Diego State University and a Master of Science in Information Technology from the Naval Postgraduate School. He also holds numerous professional certifications in business and cybersecurity.

Fair Use Notice: “Fair use” laws allow other authors to make limited use of the original author’s work without permission. Under 17 US Code § 107, “It is not copyright infringement to use copyrighted material for purposes such as criticism, commentary, news reporting, education (including multiple copies for classroom use), scholarship, or research.” As a matter of policy, fair use is based on the belief that the public is free to use portions of copyrighted material for the purposes of comment and criticism. Fair use privileges are perhaps the most important restrictions on the exclusive rights of copyright owners. Cyber Defense Media Group is a news reporting company that reports cyber news, events, information and more free of charge on its website Cyber Defense Magazine. All images and reporting are conducted exclusively in accordance with the fair use of US copyright laws.
