Industrial Cybersecurity Pulse

Protecting U.S. critical infrastructure from malware cyberattacks

  • Stephanie Jones
  • November 24, 2021
Image courtesy: Brett Sayles

Over the past year, there has been a sharp increase in cyberattacks using malware to target the systems of critical infrastructure such as utility companies, government agencies and organizations that provide services and products we rely on daily. According to a report from the cybersecurity firm Check Point Software, in the first half of this year, there was a 102% increase in these types of attacks compared to 2020.

One of the biggest this year was the ransomware attack on the Colonial Pipeline, where hackers gained control of the control room computers and demanded a $4.4 million payment before they would return control of the system to the company.

The Colonial Pipeline supplies about 45% of the East Coast’s oil and diesel fuel, and it was offline for several days due to the attack. This not only impacted the company’s bottom line, but it also affected consumers who depend on a major fuel supplier.

If that weren’t bad enough, it was recently announced that the company had to notify employees that their personal data may have also been compromised during the attack.

A few weeks later, global meat supplier JBS Foods paid an $11 million ransom after an attack that caused them to temporarily suspend meat processing at their plants. As a result, there was an uptick in beef and pork prices.

“In years past, a lot of internet attacks were done for fun, but these days they are all for profit,” said Dr. Guofei Gu, professor in the department of computer science and engineering at Texas A&M University. “The most popular, and profitable, type that we see nowadays is ransomware.”

Ransomware is an advanced type of malware that installs itself onto a user’s machine or device undetected, encrypts their data files, rendering them inaccessible, and demands a ransom payment to decrypt them. But even if the ransom is paid, the decryption process to get the files back to normal is a slow one.

“These groups will put several locks on the data,” said Dr. Dilma Da Silva, professor and holder of the Ford Motor Company Design Professorship in the department. “While you may be able to get through them all with the key that they give you, it is going to take the computer a long time to get through them all. And there’s always a possibility they will leave an extra hack behind for themselves or to sell to other cybercriminal groups.”

Cybercrime is a growing business. The FBI reported that in 2020, despite most of the country being focused on the COVID-19 pandemic, they received a record number of complaints about cybercrimes, which cost Americans about $4.2 billion in losses. Cybersecurity Ventures predicts that by 2025, that number could grow to $10.5 trillion per year worldwide.

What is malware?

Malware is an umbrella term for any malicious software such as viruses, worms and spyware that is intentionally designed to cause harm or damage computers, computer systems, devices and networks. It can get into a system through various methods, including email attachments, infected applications, USB drives, phishing emails, text messages and malicious advertisements.

Recent malware attacks have a couple of new features that set them apart from past attacks. The first is that the malware is sophisticated software written by highly skilled professionals. It exploits software vulnerabilities in a computer that even the owner of the system has not discovered. The second new feature is that these professional groups have begun targeting more profitable victims.

One of the nation’s most vital infrastructure systems — utilities — is among the most vulnerable to cyberattacks. Many large utility companies run on very old systems and software and have highly constrained resources. These out-of-date platforms are still in use because they were created to perform specific tasks and they still work. When a vulnerability is found, updating the system is not a simple process. In addition, changing one element of the system can affect other parts in unpredictable ways and result in more issues. These systems are also not able to run additional software alongside the existing platform to protect it.

Better protecting critical infrastructure systems

When it comes to developing solutions that strengthen these systems against future cyberattacks, there is a dilemma. Unlike the computer systems that we use every day, like Windows or Linux, many of these critical infrastructure systems are highly closed to outsiders, including cybersecurity experts.

“On the one side, these organizations want their systems to be secure, but at the same time, they are not able to achieve the level of security they need,” said Gu. “They either cannot use existing solutions, or they are unwilling to open their systems for experts to assess for possible vulnerabilities.”

While there may be good reasons to keep the details of their systems hidden, doing so makes it difficult to collaborate with security experts who want to help. To improve communications between these organizations and cybersecurity experts, Gu suggests that the solution could be designing these systems to be more open.

“A lot of the time, an open design is actually more secure because a lot of experts will be able to analyze it,” he said. “If they are not able to find any problems or break them, it typically means that the system’s security is good. It’s all about finding a good balance between openness and security.”

Cybersecurity research at Texas A&M

Texas A&M is one of only a handful of colleges and universities in the nation designated as a Center for Academic Excellence in all three National Security Agency focus areas: cyber operations, cyber defense and research. Da Silva’s work, which is funded by the National Security Agency, centers around making computer systems more suitable for security work.

“It is essentially about the computational power to be able to process data very quickly,” said Da Silva. “When there is a lot of data coming into a system at a rapid pace, the system needs to be able to consume that data very quickly and run algorithms that run closer to where the data is produced. We’re really refining and specializing the things that Google and Facebook, for instance, use to process a lot of data but for cybersecurity, specifically.”

Gu’s research is focused on achieving defense in depth, which is a security approach that utilizes several layers of defense mechanisms that are thoughtfully placed throughout a computer network to protect the valuable data within it from a variety of threats. In the event that a mechanism fails, another will immediately step up to stop the attack.

“We’ve done a lot of work in terms of how we can proactively prevent, detect and recover from cyberattacks,” said Gu. “For example, we built a system to detect new vulnerabilities inside a computer system’s software that needs to be fixed before a cybercriminal could get in and explore the system.”

As cybersecurity is virtually its own ecosystem that covers a lot of different aspects of our society, a wide breadth of expertise is needed to cover them all. The Texas A&M Cybersecurity Center is building a strong team of faculty and students that work on various aspects of security such as in the Internet of Things, cloud computing, blockchain and software.

Copyright 2022 CFE Media and Technology.
All rights reserved.