Logo

DOSarrest Vulnerability Testing and Optimization
Navigation
  • Home

Destructive cyberattacks are only going to get worse

on September 13, 2017 |
DDoS DDoS Attack Specialist DDoS Attacks DDoS Defense DDoS Protection Specialist Stop DDoS Stop DDoS Attacks

Overlooked among the stark headlines of the sheer scale of personal information hackers stole from credit monitor Equifax, was a Symantec reportdemonstrating that Dragonfly, a cyber-espionage group, continues to escalate its access to energy facilities’ operational systems in the United States, Turkey, and Switzerland.

More than simple exploration and espionage, the report shows a clear step towards pursuing sabotage and destruction, a trend that’s become more common alongside rising geopolitical tensions. This latest cause for alarm should not be viewed as an anomaly but as the current state-of-cyber in 2017 and beyond.

Over the last decade, destructive attacks have been targeting an increasing number and variety of organizations and critical infrastructure, but there has been a noticeable spike over the last year. In December, Crash Override, destructive malware largely attributed to Russia, struck the Ukraine power grid with a highly customized attack that could control the grid circuit switches and breakers. A few weeks earlier, Shamoon 2.0 surfaced, targeting Saudi government entities, infecting thousands of machines and spreading to Gulf states. Soon after, Stonedrill, another destructive malware, surfaced, targeting Saudi entities and at least one European organization.

These attacks are also evolving and bringing additional effects into play. For example, KillDisk, malware with a wiper component, has recently been updated with a ransomware component. On the other hand, NotPetya masqueraded as ransomware, but was likely a targeted wiper malware attack focused on destabilizing business and state organizations in Ukraine.

Dragonfly itself reflects an escalation in objectives from general intelligence gathering towards the system control that necessary for more damaging sabotage. This sort of escalation to destructive attacks usually occurs between interstate rivals with a higher propensity for conflict. In 2009, the North Korea-linked Dark Seoul gang was among the first to deploy wiper malware within a larger campaign, targeting the United States and South Korea with a combination of DDoS attacks and wiper malware. Similarly, following the Iran nuclear agreement, Iran and Saudi Arabia’s relative cyber ceasefire from 2012-15 gave way to a major escalation of tit-for-tat attacks on websites prior to Shamoon 2.0 and Stonedrill.

More recently, the back-and-forth between Russia and Ukraine represents the most prominent use of these destructive attacks and the best example of a major power attacking smaller country. In many of these instances, private sector organizations are caught in the crossfires. NotPetya may cost shipping giant Maersk $300 million even though, by most accounts, it was not the intended target.

Unfortunately, many of these attack vectors and destructive malware are now in the wild and are likely to be deployed by other groups. Dragonfly is just the latest reminder that attackers are increasingly brazen, and critical infrastructure remains a prime target.  Unlike the series of publicized destructive attacks that have been slowly on the rise for the last decade, we see no proof of actual sabotage with Dragonfly, but pre-positioning is probably underway.  We should not panic that the grid is about to go down, but we must pay attention to the trend.  Furthermore, although the energy sector is a prime target for destructive attacks, enterprises in other industries including media (I’m looking at you, HBO), finance and beyond must also be ready to protect themselves.

As long as geopolitical tensions remain high, and with the growing open source proliferation of nation-state malware, this trend is unlikely to abate any time soon.

Source: http://www.businessinsider.com/equifax-breach-proves-that-cyber-attacks-are-only-going-to-get-worse-2017-9

Share this story:
  • tweet

Recent Posts

  • As coronavirus cases surge, so do cyberattacks against the healthcare sector

    January 11, 2021 - 0 Comment
  • DDoS Attacks Remain a Serious Threat to Businesses Worldwide

    December 17, 2020 - 0 Comment
  • Teen who shook the Internet in 2016 pleads guilty to DDoS attacks

    December 10, 2020 - 0 Comment
Comments are closed.
DOSarrest ad

Keep updated with the latest DDoS Attacks

RSSSubscribe
  • Home
  • Latest News
  • Contact
  • Sitemap
© Copyright 2013. All Rights Reserved. Web Development by: 6folds Marketing