Throwback Attack: Rural Maine proves that ransomware doesn’t discriminate

Courtesy: CFE Media
Courtesy: CFE Media

Critical infrastructure is one of many areas of interest for threat actors because it can be a major pain point for societies. In recent years, hackers have gone after everything from water treatment facilities, like the Israeli water treatment facility, to power grids, like what happened in Ukraine several years ago. These attacks can take many forms, manifesting as a ransomware attack, DDoS attack or something else entirely.

In Limestone, Maine, a pair of water sewage plants was hit by a ransomware attack in an attempt to steal data for profit. While this strike was largely unsuccessful, the threat actor did manage to disable the plant’s overheating alarm for various pumps. The workers were able to catch it and fix the problem before any real damage was done, but this attack is proof positive that motivated hackers can create damage to physical systems.

Limestone falls victim to a ransomware attack

According to WAGM, a local news organization, “no money was paid and no customer data was compromised” in the ransomware attack.

It later came out that this hack’s entry point was through an old laptop running Windows 7, an operating system released more than 10 years prior. This demonstrated the need to update systems to ensure all known vulnerabilities are patched and to help prevent such attacks from happening again. This year’s Cybersecurity Awareness Month has a major focus on cybersecurity best practices, and one of the main things they are preaching is updating software. While both the threat actor and motives are unknown, it can be assumed that it was for monetary purposes, given that it was ransomware.

According to Secure World, Water and Sewer District Superintendent Jim Leighton stated that, “It was a bad thing for us, but a good thing for the county. Everyone took notice and did things to their computers so they couldn’t be hit.” This attack helped put a spotlight on cybersecurity importance in the Limestone area.

The rise of ransomware

Ransomware has been one of the most important and relevant topics in cybersecurity of late. According to Sophos, ransomware attacks went up 78% between 2020 and 2021. However, this is just scratching the surface of ransomware’s true impact in the 2020s.

When a business is staring in the face of a ransomware attack, there is no knowing what the damage will be or even if their data can be retrieved (assuming they choose to make the ransom payment). This could equate to businesses losing money AND data — as well as suffering whatever downtime occurs while trying to recover from the cyberattack.

The Limestone ransomware attack demonstrates that threat actors don’t discriminate when picking their victim(s). Many organizations assume that they are too small or unimportant to find themselves in the crosshairs of a cyber incident. But whether it’s a Fortune 500 company or, in this case, a sewage plant in the small town of Limestone, Maine, everyone is fair game. Because of this, it is imperative for all businesses to exercise cybersecurity best practices to prevent not only ransomware attacks, but all cyber threats.

The importance of cyber resilience

A major part of withstanding future cyberattacks is taking precautionary steps to have stronger cybersecurity and learning from past cyberattacks — ones that have happened internally and to other businesses. By doing so, it is easier to anticipate an adversary’s next steps. This could include running occasional tabletop exercises or penetration testing to make sure your organization knows how to handle the chaos of a cyber breach.

Another option that can help mitigate the damage from an intrusion is cybersecurity insurance. However, it is important to note that insurance providers will not try to help a business get their data back. Rather, in a best-case scenario, they will compensate the business for the value of their data (very much like how other insurance works).

The Limestone sewage treatment attack serves as a reminder that we are all susceptible to hacks and that keeping our guard up is important to maintaining a safe, secure environment for your business.




Keep your finger on the pulse of top industry news