The U.S. electrical grid is in “imminent danger” from cyberattacks according to a report from the U.S. Energy Department released earlier this year. Such an attack would put much of the infrastructure that we rely on for public safety and basic services in jeopardy—electricity, water, healthcare, and communications systems, among others.
Just last week, an email was sent to energy and industrial firms by the DHS and FBI warning of hacking groups targeting critical infrastructure in the “energy, nuclear, water, aviation, and critical manufacturing sectors.”
Great power, great responsibilty
While the networked technology behind this infrastructure empowers our society, it also exposes us to new risks. Most people are aware of the cyber threats facing our personal mobile devices, home computers, and smart appliances. But the risks to public safety on a larger scale are less well known. Commitment to securing this brave new world is critical if we are to avoid serious public safety problems.
Cyberattacks targeting our critical infrastructure reveal our shared responsibility in securing the networks we depend on each and every day in our connected world.
Ransomware attacks—when cybercriminals hack a computer, encrypt the files and hold them hostage—pose a particularly dangerous threat for public infrastructure. It is estimated that ransomware has resulted in billions of dollars of losses in the last year alone, according to our June 2017 Quarterly Threat Trend Report.
Already this year, we’ve seen several major ransomware attacks on government entities, including counties, cities and multiple police departments leading to major disruptions in services like emergency response times, video surveillance and emergency radio transmissions.
In June, an infamous cyberattack dubbed NotPetya hit Europe, affecting workplaces and public domains. This attack mirrored its predecessor named Petya (a type of ransomware), except this new incarnation used “EternalBlue to target Windows systems—the same exploit behind the infamous WannaCry attack.” It also differed from other popular ransomware attacks by denying user access and attacking low-level structures on the disk. This Petya-based attack targeted employees at one of the world’s largest advertising agencies, as well as oil companies, shipping companies and banks. A new ransomware attack that emerged this week named Bad Rabbit also appears to be linked to the NotPetya attack.
As advanced threats such as ransomware continue to evolve in sophistication, they present a more imminent threat to the systems and services we rely on for public safety. Cyberattacks targeting our critical infrastructure reveal our shared responsibility in securing the networks we depend on each and every day in our connected world.
Get tips on becoming a more proactive and prepared citizen with our “One Wrong Click” infographic.