Sophisticated Cyber Attacks are Sideswiping the World During the Coronavirus Pandemic

Almost all cyberattacks come as a surprise to the victim.

11:50 12 May 2021

Whether it’s a ransomware attack or a data breach, nobody expects to be attacked. It’s shocking to find out that your data has been stolen and has potentially been used for identity theft or other illegal purposes. However, in recent years, cyberattacks have become more sophisticated and are capable of causing extensive physical damage.

 

Two of these insidious attacks are bots that brickIoT devices and attacks against industrial control systems in the manufacturing industry. If you’re not familiar with either, here’s what you need to know about these two attacks.

 

1. Industrial control systems (ICS) are at high risk of attack

 

Many machines rely on software and hardware control systems to operate. This can include firmware, general operational software, and sensors equipped with additional software. Unfortunately, control systems are prime targets for hackers.

 

Many ICS attacks have been ransomware attacks, which render machines useless until the ransom is paid. Unlike prepared businesses that can bypass the ransom and restore backed up data in new environments, it’s not that easy to replace compromised controllers. Some controllers cost tens of thousands of dollars and others are custom-made.

 

2. ICS attacks are capable of causing physical damage

 

Attacks against industrial control systems often result in disrupted operations that cause physical damage. Mission Secure published a list of recent cyberattacks launched against the manufacturing industry that includes several severe attacks against control systems.

 

For example, in 2014, a German Steel plant was attacked, causing control systems to fail. As a result, the furnace couldn’t be shut down or regulated, which caused severe physical damage.

 

If you have a control system, you’re a target. The only way to protect your control systems is to hire a cybersecurity specialist to help you lock down your attack surface. If you don’t secure your attack surface, one cyberattack could destroy your entire business.

 

3. Bricking can destroy your insecure IoT devices

 

The other type of attack gaining momentum in recent years is a permanent denial of service (PDoS) attack carried out by BrickerBot.BrickerBot attacks destroy targeted IoT devices and make them permanently inoperable. BrickerBot destroys devices by obliterating the memory.

 

Some have said that BrickerBot was released to pre-empt attacks from a botnet called Mirai. Mirai was malware that went around hijacking unsecured IoT devices connected to the internet to use for delivering massive Denial of Service (DDoS) attacks. BrickerBot was said to be wandering around the ‘net, destroying unsecured devices to prevent Mirai from corralling them into the botnet.

 

There was an earlier vigilante worm that targeted unsecured IoT devices to close the port used by Mirai. However, BrickerBot wasn’t designed to play nice.

 

Even though BrickerBot is a vigilante type of malware, any device hit by BrickerBot will become useless scrap. For example, a person who installs a Wi-Fi security camera system and fails to secure it with a custom password is at risk of having their camera system ‘bricked’ by BrickerBot. If that happens, the system would be irreparable.

 

4. There’s a new bricking bot in town – TrickBot

 

TrickBot is another botnet programmed to brick devices and has been gaining momentum in recent years. However, there’s a new TrickBot module thatcybersecurity experts are calling “TrickBoot.” This module searches firmware for vulnerabilities, which could cause damage equal to BrickerBot.

 

Even if users manage to repair the damage after a TrickBot attack, they won’t be out of the woods. Firmware is stored on the motherboard, so even if device owners replace a hard drive or re-image their entire system, TrickBot could render the device inoperable once more.

 

TrickBot malware has been used by well-known groups of Russian and North Korean hackers to target healthcare, finance, education, and critical infrastructure.

 

Are you prepared for a cyberattack?

 

Cybercrime continues to grow exponentially each year, and hackers aren’t going to stop anytime soon. In fact, since the pandemic began,cybercrime has risen more than ever.

 

What would you do if your company’s network or computers were targeted by a cyberattack? Do you have a disaster recovery plan? Did a security professional engineer your cybersecurity system?

 

If you’re not ready to recover from a cyberattack, one attack could destroy your business. Consult with an IT security professional as soon as possible and get prepared.