Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Department of Homeland Security: Killware, an emerging threat

Secretary of the US Department of Homeland Security Alejandro Mayorkas warned that cyber attacks designed to cripple critical civilian infrastructure, and potentially cause physical harm, are likely to increase in frequency.

user icon
Mon, 18 Oct 2021
Department of Homeland Security: Killware, an emerging threat
expand image

Speaking to USA Today this week, the United States’ Department of Homeland Security Secretary Alejandro Mayorkas raised red flags over the growing risk of “killware” tactics – whereby cyber criminals attack critical civilian infrastructure, resulting in potentially fatal outcomes.

Mayorkas made specific mention of the February hack on the Oldsmar Florida water treatment plant, where cyber criminals are thought to have leveraged outdated Windows 7 operating systems, unsecured facility networks and old passwords to gain access into the facility.

The cyber criminals were then accused of manipulating the amount of chemicals present in the water supply, with media outlet Dark Trace suggesting that the criminals increased the level of sodium hydroxide in the water before being caught.

============
============

“The attempted hack of this water treatment facility in February 2021 demonstrated the grave risks that malicious cyber activity poses to public health and safety,” Mayorkas said in an interview with USA Today.

“The attacks are increasing in frequency and gravity, and cyber security must be a priority for all of us.”

Mayorkas explained that such attacks are designed “purely to do harm”.

Mayorkas’ interview came after several tumultuous months of targeted attacks against critical civilian services.

In April, healthcare provider UnitingCare Queensland was allegedly hacked, while an array of elective surgeries in Melbourne were halted having suffered a “cyber incident” in March.

It is expected that numerous attacks on civilian services have also gone unreported, with organisations afraid of ramifications of paying for a ransomware decryption key.

In July, assistant director of the FBI’s cyber division Bryan Vorndran warned against making ransomware payments illegal, since the extortion payments between victim and criminal to decrypt ransomware data will be driven underground.

According to Vorndran, criminalising such activities would not encourage victims to come forward to the FBI and leading cyber agencies, thus hampering the FBI’s ability to track and trace cyber criminals.

“[If] you ban ransom payments, now you are putting US companies in a position of another extortion, which is being blackmailed for paying the ransom and not sharing that with authorities,” he said.

[Related: Tough new laws to protect Australians against ransomware]

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.