Enterprise Network Protection against Cyberattacks: BlackEnergy
The Internet has made the world more connected, allowing people to connect to almost everything, from personal devices and home appliances to transportation, utilities, and industrial systems. But this interconnectivity comes at a price: these connected systems are open to cyberattacks whose impact could go beyond information loss.
The recent attack against power facilities in Ukraine is an example of a threat with real-world impact. Executed using malware identified as BlackEnergy and KillDisk, the attack did not end with information theft, as often seen in cyberattacks, but with something much worse: it destabilized a country’s critical infrastructure. And the attackers did it by relying on one of the most intrinsic and inherent flaws in any network: the human factor. With the use of spearphishing—a tactic that depends on deception to work—a group of threat actors managed to bring down an entire power grid. It also subsequently affected a top mining facility, followed by a major rail transit company.
What makes this particular attack noteworthy—and an alarming portent of things to come—is that it exposed how vulnerable critical facilities are, now that they’re connected to the Internet. It also demonstrated how, in our desire to get everything conveniently ‘online’, we’ve neglected to secure systems that are in desperate need of securing. Cybercriminals now know just how vulnerable these facilities are and how easy they are to attack, and it could be a sign that we should expect more such incidents in the months (or even days) to come.
Now, more than ever, we need to take cybercrime seriously. We need to take online security seriously, not just in the solutions we install on our systems, but also in the education and expertise of those handling the systems themselves.
Because, as we’ve predicted—and reported—countless times before, the lines of reality are blurring. Attackers are getting bolder, their tools becoming more sophisticated, and their methods more refined.
Get the full details of BlackEnergy in the primer, The Ukrainian Power Facility Attack.
Visit the Threat Intelligence Center for more on ICS and SCADA systems and industrial cyber security.