Industroyer threatens to exceed Stuxnet’s capacity to damage energy grids and other critical infrastructure, say experts
Yesterday, ESET broke the news that it had discovered malware that some say is the biggest threat to critical infrastructure since Stuxnet, the malicious worm that caused substantial damage to Iran’s nuclear program. Called ‘Industroyer’, it has been designed to disrupt critical industrial processes. In response to the breaking news, Andrew Clarke, EMEA Director at One Identity, has taken part in a short question-and-answer session.
IoT GN: Is ‘Industroyer’ as scary as it sounds?
Andrew Clarke: Yes, this is as scary as it sounds. First, it’s very difficult to detect because it uses known and allowable code yet in nefarious modes. In addition, we’re not talking about stealing some incriminating photos from some celebrity’s cloud storage location. This is controlling the power grid. It means that hospitals could lose power mid-surgery. Or traffic lights cut out causing accidents. The ability to alert citizens to bad weather halts.
IoT GN: What are the implications?
Andrew Clarke: The implications are vast and varied. I highlighted some of the short-term results of a hacker owning the grid. But what should a government do to halt this? To begin with, government needs to make more and better investments in technology. This costs money and government only has so many investment dollars. Every dollar spent in security is a dollar not spent on roads, or education – a difficult set of choices to be sure. In addition, government must demand from its supplier better and tighter security so these types of hacks are identified and stopped in their tracks, and vendors need to provide these improvements.
IoT GN: Is it defensible?
Andrew Clarke: The good news is that everything is defensible – but at a cost. Is the solution a software solution? Or do all these pieces of hardware need to be upgraded? Vastly different costs which will impact the government and citizens separately.
IoT GN: What makes this industry so susceptible?
Andrew Clarke: Candidly, I don’t think this industry (energy sector) is any more or less susceptible than any other industry. It’s more to the point that the results of a hack to the power grid are far more dangerous than an individual losing control over their checking account. When the grid goes down, millions are affected and in a very bad way.
IoT GN: What can be done?
Andrew Clarke: Security is a never-ending dance. The hackers create a method of hacking, organisations and vendors change their solution to address that vulnerability. The hackers change their modus operandi, vendors adapt. There is no end in sight for this cycle of hack and solution. Organisations need to factor this effort and cost into their future operating costs.
The full blog can be found here and the accompanying whitepaper can be read here.