Is Your Company Suffering from Cyber Security Issues?

Data breach.

Vulnerabilities.

IAM security.

To the average business owner these terms are pure mumbo jumbo. But if cyber security is defined as integrity, confidentiality and availability, then it is certainly something you need to understand, and if not then you need to get help to protect your computer information. It’s time you found someone who does understand the meaning of these terms and knows how to protect your business from the damaging effects of these vulnerabilities.

Known in the industry as ICA (Integrity Confidentiality and Availability), proper ICA methods allow your company to recover from and defend against network accidents, hard drive failures and server system power outages. But equally as important, proper vulnerability preparedness can defend against cyber attacks by hostile outside forces, competitors, script kiddies, hackers and fun seekers who derive pleasure simply from taking you down. To be safe and secure, your business needs to plan for business continuity and vulnerability disaster recovery in the event of a PC network security breach.

No Ifs, Ands or Buts

Security must start at the top of your organization. Protection against data breaches is something even your CEO should embrace. The information world we live in is a fragile one – one that can be entered and attacked – so it demands powerful and constant cyber security controls. All systems – no matter whether you use a server or keep your data in the cloud – should be covered by security standards that all employees are properly trained in and vigorously adhere to. Anything coded by one human can be decoded by another and all code has flaws and bugs that can be exploited.

Security Training Is a Must Do

The weakest link is always the human element which means that if you use developers, they need to be trained to produce secure code. Staff must be trained to take a strong security stance. End users need to understand and look out for phishing and social engineering attacks. Internal panic can be averted when you know what to look for.

It Will Happen – A Breach through a Security Vulnerability is Just a Matter of When

At some point, every company is in danger of a cyber attack even with the best cyber controls. Hackers are always going to attack the weakest point. But if your company practices basic security control many of those attacks are preventable. That operation is often referred to as “cyber hygiene.”

It is no different than washing your hands before you sit down to dinner. But in the world of Internet privacy it means employing strong authentication practices and never storing sensitive data where it can be accessible. This may mean finding a good Managed Security Services Provider (MSSP), using cloud security or specialized data breach systems.

The point is you need to be proactive and go well beyond the basics. Hackers today are sophisticated and shrewd. They can circumvent most defenses and their methods are growing in complexity and proficiency every day. And all of us are increasingly vulnerable.

Everything Connected Can Mean Everything Open to Attack

The electric grid, banks, even cars and power plants can now be threatened. Even the once sacred election process is now compromised by foreign sources. And as more and more organizations migrate to the cloud, as more employees bring their own devices into the workplace and new challenges arise, businesses need to be prepared and bump up their data penetration testing, as well as their server hardening systems.

A strong, vigilant and constant check and defense of your systems has never been more important.

Privacy Is King

Now more than ever, privacy is king around the globe. Consumers want their information kept safe by vendors and the regulatory climate around consumer privacy is a huge issue today. The European Union’s General Data Protection Regulation (GDPR) is a strict framework for this. It demands that organizations meet the privacy and security mandates of the GDPR and other regulations.

Cyber Professionals Are in High Demand

Businesses of all types need to protect themselves from a compromised situation. In doing so they need to hire managed security services providers, which means cyber security is a growth industry and will continue as advances are instituted and hackers seek to undo them. Companies need to sharply assess their areas of greatest vulnerability and seek out professionals that can defend them.

What Level of Cyber Security Do You Need?

Every company and system is different, but there are still general rules and steps we can all use.

Network security is a must. Paying attention to network security helps you guard against unauthorized intrusion. Your staff must remember that there are a number of creative hackers out there and they constantly deploy destructive viruses and malware that can compromise your information. In the end, once you implement a few cyber security best practices, you may hear some griping about double passwords or extra logins, but it is worth the effort because just one hack can ruin your day. You may have to sacrifice some productivity, but imagine the productivity loss if your systems get hacked.

Here are a few tools you may want to implement to keep hackers from achieving a data breach:

Flag Alerts – There are tools to monitor security, but they can lull you into a false sense of security because valid alerts are often missed. To avoid that, real time flags and alerts should be considered.

Store It in The Cloud – The cloud opens new opportunities and poses new challenges to cyber security. The problem is that data usernames and passwords are usually insecure. Breaches occur now with great regularity because of poorly configured cloud instances. As such, cloud providers are rapidly creating new security tools to better secure data, but as we all know, if there are treasures to be found, the diggers will be searching.

Secure Your Applications – Application security (AppSec) begins with secure coding. That is the weak point of most applications. Few companies mitigate all the OWASP Top Ten web vulnerabilities. Fuzzing and penetration testing remain a must. Unfortunately, DevOps was developed to prioritize business needs over security. That focus will likely change given the proliferation of threats as more and more companies migrate to the cloud.

Internet of Things (IoT) Security – The things referred to include many critical and non-critical cyber physical systems. Examples are appliances, sensors, printers – even security cameras. These devices are often in an insecure state with no security patching. This poses threats to users as well as others on the internet. Botnets are springing up in many systems posing unique security challenges for all of us.

What Cyber Threats Are Out There Looking for You?

There are five general categories of Cyber Threats:

Confidentiality: Many cyberattacks begin with a target’s personal data. Identity theft, credit card fraud, bitcoin wallets – these are all prime targets of hackers. Other nations – our adversaries or enemies – are on the lookout for confidential info for political, military, or economic leverage.

Integrity: Another name for simple sabotage. Integrity attacks attempt to corrupt, damage or destroy information or systems, as well as the people who need them. They can be subtle or overtly seeking to do real damage. Everyone from script kiddies to nation-state attackers can and do employ this tactic.

Availability: The number one method attackers use to breach almost any business system is through the use of ransomware. Ransomware encrypts a target’s data then demands you meet their demands before they will decrypt it. Ransomware and denial-of-service attacks can be lethal and flood a network resource with requests, often crashing it and making it unavailable. This type of breach is usually handled through social engineering. In this method, attackers trick you into running a Trojan Horse program, usually from a website the user trusts and visits. Phishing is another method used. This works for hackers because it tricks you into revealing your password. Even well-trained users can be roped in. The best defense for this is the two-factor authentication method where a secondary password is sent to the user’s device.

Unpatched software: Really, this is the worst type of hacking for businesses because it is caused by cyber security oversight. It is a failure of due diligence. It happens simply because your team does not make the necessary updates on time. If you know about it and don’t fix it, the burden is on you.

Social media threats: These happen all the time and can get in as easily as attaching a phishing or malware program to your LinkedIn or Facebook account. This is one that you need to expect to happen and be prepared for when it does.

Advanced Threats May Already Be There

Don’t be surprised if multiple breach hackers are already messing around in your corporate network. If you’re working on something other competitors might like to get their hands on, they will find a way to take it from you unless you are prepared to stop them. This is especially true with intellectual property.

Bottom Line

These are only a few ways in which your system can be and will be breached someday. This article is not meant to scare you, but to help you realize that cyber security breaches are not a joke and happen to businesses of every size. This is why it is important to take necessary data breach security measures and protect your data.

If you would like more information, contact LP3. We will be glad to help you make an informed decision on cyber security for your business or organization.

Scott Lawler is CEO of LP3 and provides enterprise cyber security architecture advice to government and commercial clients.

Keeping Your Healthcare Security Safe from the Top Cyber Threats

Cry.

It is what we should all be doing when we consider all of these cyber attacks.

In fact, a recent cyber attack called WannaCry has made the healthcare industry want to do just that. Cry. So far, this cyber breach rained havoc down on 16 healthcare industry businesses, affecting different medical practices to differing degrees.

The cost incurred by cyber crimes is rising quickly as more and more hackers focus on the cyber world – a place where so many healthcare providers store information.

A joint study made by Ponemon and IBM demonstrates that businesses in the healthcare industry are still being affected by cybercriminals, and the number of breaches is on the rise. In fact, the study called “Data Breach Report,” indicates that there is a per-capita cost of about $380 for each file breach. So, if you’re in the healthcare industry, beware, take a deep breath, steady your nerves and read on.

Ransomware and other Malware

Malware is a new, raging and serious threat to all industries, but perhaps it creates the most damage in the healthcare industry. It is especially concerning because issues of life and death may be involved. Healthcare depends on an intricate set of reporting and services that are interlocking and which communicate critical information to the healthcare providers. That makes the data vulnerable to ransomware and other malware attacks.

After the WannaCry attack, hospitals were forced to deny admission of new patients and had treatment of existing patients interrupted because their records could not be accessed. Due to the increasing level of attacks a ‘Wall of Shame’, listing healthcare data breaches in the U.S., shows 288 data breaches affected nearly 4.7 million individuals – four times as many as in the previous year.

Phishing

Phishing usually begins as an email assault on a specific website, causing unusual spikes in traffic which can cause the site to crash. Verizon reported that 66% of malware is initiated as an email attachment. Shockingly, a whopping 98% of the healthcare industry providers are not taking steps to prevent this from happening by activating the Domain-based Message Authentication, Reporting & Conformance (DMARC).

Insider Threats

Threats from the inside, by patients and/or staff, are also a serious concern, whether accidental or intended. 75% of respondents in the 2017 HIMSS Cybersecurity Survey reported that insider threats seemed troubling enough, which has caused some providers to improve their cybersecurity processes and set up protection programs.

Cloud Computing and Online Security

As more and more organizations migrate to the cloud, security threats will migrate with them. Healthcare’s use of cloud computing is projected to rise to 20.5% by 2020. Protecting data at rest and in transit requires robust encryption as well as other measures like second-factor authentication and complex passwords.

Attacks from The Internet

Internet-connected devices are growing in popularity, and their usage in the healthcare industry is important and shown to improve patient outcomes. A recent app called OpenAPS has optimized a data-driven insulin delivery system and other Internet-enabled activity trackers are now improving cancer treatment, but they come with risks such as DDoS attacks that could disrupt treatment. Redundancy issues and protection of personal data are also vulnerable as more hospitals become dependent on Internet systems.

The Healthcare Supply Chain, The Easiest Way In

A negligent supplier can let cybercriminals in the front door. The TRICARE breach, which exposed 4.6 million military patient records, happened that way. Regulatory frameworks such as the HIPAA Omnibus Rule in the U.S. are being enacted to strengthen protections.

Authentication Issues

Secure authentication is the name of the game to minimize the problems of human-computer interaction. Passwords must be strengthened, changed often and require a two-stage process.

Legacy apps holding you back

90% of hospitals run legacy applications to preserve patient data. This can open the door to the cybercriminal. The WannaCry attack infected machines that were running unpatched older versions of Windows such as XP and 7 by exploiting a vulnerability in the operating system. Penetration testing should be a first step to finding your vulnerabilities.

Security is everyone’s problem

In healthcare security, issues extend to all disciplines, suppliers, and even patients. The increased use of IoT devices makes this a cause for concern everywhere. A recent paper for the National Data Guardian, “Your Data: Better Security, Better Choice, Better Care,” recommends improving security across healthcare organizations, citing the issue of “people and processes” as being as much of a problem as technology.

Security is an issue of poor healthcare funding

Poor funding is a massive threat to security. Security and improvements in technology cost money for training and implementation, but they are as vital to everyone’s health as treatment is. If allowed, cybercriminals will disrupt services to everyone within a society.

Bottom Line

Understandably, budgeting is an issue in the healthcare industry. However, cutting out or reducing expenses in cyber security is not the best answer. A cyber security attack is not a matter of “IF” but instead of “WHEN”. And if the organization is not prepared with a cyber secure environment the costs will be enormous. In this respect cyber security is much like insurance, something that you must have.


Over a Quarter of All Businesses Suffer Cyber Security Issues

Why undergo a cyber security penetration test? Most organizations simply do them to meet compliance standards or to test the methodologies used by the IT security team. However, did you know that about a quarter of all companies perform poorly executed penetration tests – and in some cases do nothing more than validate known vulnerabilities?

A recent RSA security conference survey revealed a frightening statistic: 26% of companies are lagging in proper cyber security practices. Some companies even intentionally ignore their own security flaws. The reasons range from not having enough time to address the threat, to not knowing how or not wanting to spend the money to hire someone who does.

Only 46% Address Cyber Security Vulnerabilities Right Away

Of the companies that do address vulnerabilities, many do so only with half interest. During the conference, 155 security professionals representing many companies at the RSA conference revealed that only 47% of organizations fix or address their vulnerabilities as soon as they are known.

Even more amazing is that some companies wait – sometimes for significant amounts of time – before they do anything about it, either by applying patches or “do-overs”, allowing time for hackers to infiltrate their IT infrastructure and attack it.

But if you think that’s jaw dropping, chew on this: 16% wait for one month to apply patches and 8% said they apply patches only once or twice a year.

There Is No Time, They Say

I once heard a preacher say that often people don’t have time to visit a relative, but always have time to come to the funeral. Almost 26% of respondents said their company ignored a critical security flaw because they didn’t have time to fix it. But if their systems go down – or worse yet, are compromised or hacked – they’ll have even less time because so much of it will be spent in restoration.

16% ignore critical security flaws because they didn’t have the skills to patch them.

The conclusion of this study? Hoping for the best is obviously not the best way to run an organization.

If You Can Hack Yourself, You’re in Trouble

71% of the IT professionals surveyed admitted that they would be able to hack their own company. And only 9% said this was highly “unlikely.” The fact that 71% felt they could indicates how weak and vulnerable many companies are – which means we are in dire straits.

But There Is A Difference Between Saying and Doing

During this survey, IT security analysts were asked how they might hack their own company if they so wished:

  • More than 30% said they’d use social engineering, something like a phishing email or program
  • 23% said they would think about attacking an insecure web application to get in
  • 21% said that accessing username and passwords for cloud would be the way they would get in
  • And another 21% said they’d target an employee’s smartphone, tablet or laptop

Now if the employees know how to hack their organization, how easy do you think it is for a professional hacker to do the same thing?

Testing, Schmesting

Does testing really matter? Why bother with something as routine as testing?

The truth is effective penetration testing offers an advantage over automated scanners. It allows you to see what a human attacker can easily determine and helps you discover misconfiguration vulnerabilities, something automated scans often can’t detect. And one of the biggest vulnerabilities found is the excessive misuse of user permissions, which can easily give unauthorized access to hackers.

Human attackers often compromise a system by using a variety of vulnerabilities together. Penetration tests can simulate a variety of attack paths and thereby allow you to fix the errors.

All in All

It is important that you know all the vulnerabilities available to hackers through your organization’s network. And sometimes the only way to really see these vulnerabilities is through penetration testing. It shows you which vulnerabilities are easy to exploit and which aren’t.

Yes, it’s important to know what vulnerabilities exist in your organization’s network. But which ones do you spend your finite resources correcting? Which vulnerabilities are easily exploitable, and which aren’t? Which put critical assets at risk? Which have to be fixed first? Without this context, you might spend time and money in the wrong place, leaving your organization exposed elsewhere.

A clearly described attack path, derived from a well-performed penetration test, can provide this context. For example, your organization might have an old Windows 2003 server running a mission-critical application. Because the server’s operating system is no longer supported by Microsoft, it will never receive patches – even for major, exploitable vulnerabilities. However, if the penetration test discovers that the server is in a properly segmented, hard-to-access network, then the vulnerability is likely of a lower severity. You should still address it, but only after more critical vulnerabilities have been mitigated. This kind of context enables better decisions about the use of finite resources to improve the organization’s overall cybersecurity posture.

Get Engaged, Get Value

Consumers of penetration testing can ensure a more valuable engagement for their organization by understanding what a penetration testing team does and by taking an active role from the beginning. Being highly engaged with the testing helps it generate and capture the appropriate context, which will allow the organization to make more informed decisions about where to allocate limited resources to improve its cybersecurity stance.

Wiper Malware Can Wipe You Out

You show up for work all bright and shiny one day, fire up your computers and…suddenly you feel your heart leap in your chest and your hands begin to shake. Your data, the lifeblood of your organization, has been erased. What happened? Now what are you supposed to do?

When it is all wiped clean by wiper malware, there is not much you can do. Which is why it is so important to protect your data and implement state-of-the-art data security measures that will help you replace that lost data.

It Is Wiper Malware

Wiper malware, the villain of this real life horror story, almost brought Sony Entertainment to its knees in 2014. The recent attack, associated with North Korea, used something called Destover to do its dirty deed.

The cyber world has captured the imagination of criminal minds and other hackers. It is the wild west all over again, but this time wars will be waged without bullets. Attacks will come without bombs or soldiers. Instead cyber attacks will be fought from swivel chairs.

Every business and every person that is connected to the web can easily become a victim.

So if you have a 100,000 word novel or your company’s financial life on your computer systems, you better have some type of cyber security plan and backup in place.

What Is Wiper Malware?

A rose by any other name is still a rose, only in this case it is Wiper malware, also known as Shamoon, BlackEnergy, Destover, ExPetr/NotPetya, Olympic Destroyer and others. Their purpose is to destroy systems or data and cause reputational damage or financial loss.

Even so, most of the actuators of Wiper code are bent on one of two things:

  • Sending a message – typically to make a political statement.
  • Covering their tracks after data exfiltration.

Yes, destructive cyber attacks have been around for a long time. But the delivery method of wiper malware is significantly more evolved and damaging and can range from overwriting files to the destruction of entire file systems.

The Wiper Anatomy

The typical Wiper malware looks at three targets: files (data), system boot section, and backups (located on the system). It usually targets all three areas simultaneously.

Cyber Security Measures Are Essential

It is an unsettling moment when fact and truth are no longer the same things. The newspaper and 24/7 cable news channels show that opinion, elections, and information can be manipulated, controlled, targeted and (gulp…) erased. So far it’s been mostly politics, but that will soon change as hackers learn to do more and more damage.

Patterns of Attack

In a report entitled “Wiper Malware Analysis,” David McMillen stated that malware attacks basically began in 2008 with a malware called Narilam. This computer compromise method attacked financial and business software packages primarily used in Iran.

In 2009 and 2010, two more, called Dozer and Koredos, were deployed in South Korea. Shamoon reared its ugly head in 2012 and took out 30,000 computers at Saudi Aramco. Another in the growing list of villains, called GrooveMonitor/Maya, was reported in Iran and an aptly named package called Dark Seoul showed up in South Korea.

The Hostages

Some launch one-time attacks on a specific date, others move more gradually doing their damage over a longer period of time, allowing remote command-and-control center access to the system.

Hackers can now potentially move into extortion, blackmail, and ransom as the value of data increases exponentially. As creative as the malware becomes, so too will the creativity of the hackers or political activists that want to sway things their way. With vast amounts of money, influence and power at stake, the duty to protect your data has never been higher. Erasure, exposure and extortion can all come your way, regardless of how careful you think you may be.

What Can You Do?

Don’t be defensive, but instead be offensive – prepare for an eventual cyber attack. When it comes to malware, it is not a matter of “If” you will be attacked but when. The best things you can do are:

  • Prepare by taking proactive security steps to minimize the risks
  • Isolate crucial intellectual property in hardened systems that can only be accessed through security passwords
  • Back-up important files and store them off-site
  • Institute and test an emergency response and recovery plan

If you take these vital steps to secure your data, you won’t have to worry about Wiper Malware ruining your bright and shiny day.

Cyber Attacks Against Cryptocurrency Traders

Virus Alert: If you’re a cryptocurrency trader, this worm can cost you everything.

Blockchain is the new buzzword on the Net – the brainchild of a person or group of people known as Satoshi Nakamoto. But since its invention it has changed into something of importance to everyone.

What Is Blockchain?

Blockchain allows for digital information to be distributed and not copied. It was originally created to be the foundation of a new type of internet and digital currency known as cryptocurrency.

These currencies go by many names (including Bitcoin) and have been called digital gold. Today the value of this new currency runs into the billions of dollars.

Blockchain technology has been a game changer for the finance industry and crypto-currencies have been trading at record levels this year. Investors find them a great alternative to mine wealth. Unfortunately, other miners find it easier to let you do all the work, then take the proceeds for themselves.

The FacexWorm Attacks Cryptocurrency Investors

You can catch the virus called FacexWorm as easily as opening a video link from someone you know via Facebook Messenger. If you get one, you better keep your eyes wide open and your fingers still. If you click it you may regret it, and all of your new blockchain acquisitions might be gone in a second.

The FacexWorm

Cyber security experts are warning users of blockchain technology of a dangerous and invasive Chrome extension being spread through Facebook Messenger. Prime targets are users of blockchain cryptocurrency trading platforms. The mission: access all their account credentials, info and data.

FacexWorm first showed its ugly face in August of 2017, but apparently it’s being improved because recent versions have a host of new malicious capabilities.

These New FacexWorm Capabilities include:

  • Stealing account credentials from websites like Google
  • Invasion of numerous cryptocurrency and trading sites
  • Redirecting traders to cryptocurrency scams sites
  • Interjecting web page miners onto cryptocurrency trading platforms
  • Redirection to a miner’s link for cryptocurrency referral programs so they can not only mine you but also any of your contacts with blockchain currency accounts

Facebook Messenger has now become a favorite target to spread worms and other forms of cyber-destruction.

Another cyber security issue related to blockchain attacks is a Monero cryptocurrency mining bot called Digmine. It targets Windows and Google Chrome and is spread through Messenger by redirecting crypto-traders to popular video sites like YouTube.

The FacexWorm extension targets only Chrome users so far. If the user does not use Chrome, they will be redirected to a benign useless advertisement.

How FacexWorm Does Its Damage

FacexWorm works by transmitting specifically engineered links via Facebook. If clicked on while using the Chrome browser, FacexWorm redirects you to a bogus YouTube page. To continue, the user must download a fake Chrome extension as a codec extension.

Once installed, the FacexWorm Chrome extension automatically downloads additional modules from its command and control server and creates a replicant clone of Chrome. In addition to its routine functions, the FacexWorm also contains a code snippet that it injects onto the affected system. The destructive new worm spreads every time a new web page is opened.

Researchers reported “FacexWorm will query its C&C server to find and retrieve another JavaScript code (hosted on a Github repository) and execute its behaviors on that webpage. With all permissions accepted at installation the worm can access or modify data for any websites opened.”
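A defender can check for the condition the researchers describe, an extension granted access to every site, by reading each installed extension's manifest. The following is an added example, not code from the researchers or from LP3; the two manifests are constructed samples and the list of sensitive API permissions is an assumption chosen for illustration.

```python
import json
import re

# Match patterns that cover every host: <all_urls>, *://*/*, http://*/*, https://*/*
BROAD_HOST = re.compile(r"^(\*|https?)://\*/")

# Assumed shortlist of Chrome API permissions worth a second look during review.
SENSITIVE_API_PERMISSIONS = {"tabs", "webRequest", "webRequestBlocking",
                             "cookies", "management"}


def is_broad_host_pattern(pattern):
    """True if a Chrome match pattern grants access to all websites."""
    return pattern == "<all_urls>" or bool(BROAD_HOST.match(pattern))


def looks_like_host_pattern(value):
    """Manifest V2 mixes host patterns and API names in 'permissions'."""
    return value == "<all_urls>" or "://" in value


def audit_manifest(manifest):
    """Return a list of (finding, value) tuples for one parsed manifest.json."""
    findings = []
    # Manifest V2 keeps hosts in 'permissions'; Manifest V3 uses 'host_permissions'.
    declared = list(manifest.get("permissions", []))
    declared += list(manifest.get("host_permissions", []))
    for perm in declared:
        if not isinstance(perm, str):
            continue
        if looks_like_host_pattern(perm):
            if is_broad_host_pattern(perm):
                findings.append(("broad-host-access", perm))
        elif perm in SENSITIVE_API_PERMISSIONS:
            findings.append(("sensitive-api", perm))
    # Content scripts matched against every URL run code on every page opened.
    for script in manifest.get("content_scripts", []):
        for match in script.get("matches", []):
            if is_broad_host_pattern(match):
                findings.append(("script-injected-everywhere", match))
    return findings


# Constructed sample: an extension posing as a video codec, all-site access.
FAKE_CODEC_MANIFEST = json.loads("""
{
  "manifest_version": 2,
  "name": "Video Codec Helper (constructed sample)",
  "version": "1.0",
  "permissions": ["tabs", "<all_urls>"],
  "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}]
}
""")

# Constructed sample: an extension scoped to a single site.
BENIGN_MANIFEST = json.loads("""
{
  "manifest_version": 3,
  "name": "Single Site Helper (constructed sample)",
  "version": "1.0",
  "permissions": ["storage"],
  "host_permissions": ["https://example.com/*"]
}
""")

if __name__ == "__main__":
    for manifest in (FAKE_CODEC_MANIFEST, BENIGN_MANIFEST):
        print(manifest["name"])
        for finding, value in audit_manifest(manifest) or [("no-findings", "-")]:
            print(f"  {finding}: {value}")
```

Broad access alone does not prove an extension is malicious, since many legitimate ones request it, so treat the findings as a review queue.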

How Much Damage Can the FacexWorm Do?

By obtaining a user’s friend list, it can send out bogus YouTube video links and request authorization access to everyone on your list, spreading itself around the globe.

It can capture account credentials and info for Google, MyMonero, and Coinhive, when the user opens a target website login page. It can also install a cryptocurrency miner to any opened web pages, utilizing the user’s own computer to mine Cryptocurrency.

Hijacking

FacexWorm can hijack cryptocurrency related trading transactions by redirecting the keyed-in address and replacing it with the attacker’s address. When any one of the 52 crypto-currency trading platforms like “blockchain,” “eth-,” or “ethereum” are typed into the URL, FacexWorm redirects to the scam webpage where the hacker can steal any or all of the crypto-coins. Targets include Poloniex, HitBTC, Bitfinex, Ethfinex, and Binance, and the wallet Blockchain.info.

This Blockchain Malware Is Sneaky

FacexWorm is sneaky. To avoid discovery and extraction it immediately closes an opened tab when it detects Chrome is being opened. There is even an incentive for hackers every time a victim registers an account on Binance, DigitalOcean, FreeBitco.in, FreeDoge.co.in, or HashFlare.

Targeted crypto-currencies by FacexWorm include Bitcoin (BTC), Bitcoin Gold (BTG), Bitcoin Cash (BCH), Dash (DASH), ETH, Ethereum Classic (ETC), Ripple (XRP), Litecoin (LTC), Zcash (ZEC), and Monero (XMR).

This is only the beginning with just one Bitcoin transaction being recently affected. With the widespread use of Facebook Messenger around the globe, the worm will spread with it. The malware already has surfaced in Germany, Tunisia, Japan, Taiwan, South Korea, and Spain.

Bottom Line

Facebook spam campaigns are nothing new, so it is always smart to be careful, especially on banking and currency sites, where the losses can be tremendous.

Many malicious extensions have already been removed by Chrome, but they keep reappearing so be careful with your currency trading.
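The researchers' point that permissions accepted at installation let the worm access or modify data on any website suggests a simple check of what installed extensions are allowed to do. The script below is an added example, not code from the original article or from the researchers; the pattern lists, function names and sample manifests are assumptions constructed for illustration.

```python
import json
from pathlib import Path

# Host patterns that let an extension read or change data on every site.
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions worth a second look when paired with all-site access.
SENSITIVE_APIS = {"tabs", "webRequest", "webRequestBlocking", "management", "cookies"}

# Constructed sample manifests (not taken from any real extension).
SAMPLE_BROAD = {"name": "Sample Broad Extension", "manifest_version": 2,
                "permissions": ["tabs", "webRequest", "<all_urls>"],
                "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]}
SAMPLE_NARROW = {"name": "Sample Narrow Extension", "manifest_version": 3,
                 "permissions": ["storage"],
                 "host_permissions": ["https://notes.example/*"]}


def audit_manifest(manifest):
    """Return the all-site host patterns and sensitive APIs a manifest requests."""
    declared = list(manifest.get("permissions", []))    # MV2 mixes APIs and hosts here
    declared += manifest.get("host_permissions", [])    # MV3 lists hosts separately
    for script in manifest.get("content_scripts", []):  # pages the extension injects into
        declared += script.get("matches", [])
    requested = {p for p in declared if isinstance(p, str)}
    return {"all_sites": sorted(requested & ALL_SITES),
            "sensitive_apis": sorted(requested & SENSITIVE_APIS)}


def audit_extensions_dir(extensions_dir):
    """Audit each <id>/<version>/manifest.json under a Chrome profile's Extensions folder."""
    findings = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        if not isinstance(manifest, dict):
            continue
        result = audit_manifest(manifest)
        if result["all_sites"]:  # report only extensions that can touch every site
            findings.append({"id": path.parts[-3],
                             "name": manifest.get("name", "?"), **result})
    return findings


if __name__ == "__main__":
    for sample in (SAMPLE_BROAD, SAMPLE_NARROW):
        print(sample["name"], audit_manifest(sample))
```

Broad access alone does not prove an extension is malicious, since many legitimate ones request it, so treat the output as a list of extensions to review.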

If you would like more information, contact LP3. We will be glad to help you make an informed decision on cyber security for your business or organization.

Scott Lawler is CEO of LP3 and provides enterprise cyber security architecture advice to government and commercial clients.

The Next War Will Be Fought Without Firing A Single Bullet

Bombs, bullets, mortars, tanks. They are all so World War II. The next war, if it happens, will be waged in cyber-space.

Imagine the chaos of no air traffic control, no electrical grid, no banking, money, food or fuel. In a matter of days, life as we know it will be either over or damn close to it. No soldiers needed, no buildings blasted to smithereens. Cyber war is the doomsday scenario being played out in war game exercises around the globe.

Penetration Testing at NATO

NATO’s annual cyber-attack exercise, “Locked Shields,” prepped member states on how to deal with a cyber-attack. Over 2 days, different teams from different nations simulated attacks that compromised air-traffic control centers and the electric grid.

“You don’t need to start a war by targeting the military,” Merle Maigre, Director of the NATO Cooperative Cyber Defense Center of Excellence, recently said. “Malicious codes could render fighter pilots unable to respond even before they take off.”

Cyber Security Damage is Extensive

If that isn’t a concern for you, then add in the rest of the damage a cyber-blast could inflict: banking, food distribution, power, fuel. These are most of the things we need in modern society to survive.

Our systems were set up in the 1970s, well before the current level of concern existed. We are clearly vulnerable and way behind the times – and the threats. Our society is so intertwined we can no longer survive without each other. We need to get ready.

30 countries from the EU and NATO took part in the exercise held in Tallinn, Estonia. U.S. Commander Michael Widmann said real-world practice exercises are needed to prepare for an attack. He claimed, “we look at real-life incidents and then we apply them to our exercises. We’re not trying to make things up.”

It Sounds Like a Sci-Fi Novel, But Cyber Attacks Are Real Threats

This is not a future maybe. Cyber attacks have already caused real damage to areas or industries we thought untouchable. So for those of you who play a role in protecting the cyber security of your organization, let us show you how very real these cyber attacks and security breaches are. These are some real examples of what cyber criminals have done before.

The Breach of Hospital Ventilation Systems

In 2011, a data breach affected the ventilation system of a hospital. The hacking took place by injecting malware into the hospital computer system. The vulnerability caused significant physical damage to the hospital and as a result the HVAC system stopped. This immediately put patients at risk and placed an immediate threat on the medical supplies held at the hospital. In this incident, the hacker compromised the system and controlled both the air and heating systems from a remote location. As a result of this issue the hospital made proper cyber security measures a priority and performed several server hardening tasks to better protect their data.

A Compromised Turkish Oil Pipeline

Another serious incident occurred in 2008 when hackers disabled the pipeline computer systems. There was no serious damage, but the potential risks were immense – causing the businesses to hire a managed security services provider. If this incident had not been controlled properly, people in Southern California would have been exposed to an immense oil leak along their coastline – and it would have gone undetected by the pipeline management system.

Derailing of a Train

A teen in Poland used a homemade transmitter to trip the rail switches and redirect four trains. As a result of this compromise, 12 people were injured when a train derailed.

German Steel Plant Explosion

In 2015, a steel plant in Germany experienced severe consequences due to hacking. The compromise closed crucial areas of the plant and caused a furnace that was not shut down properly to explode.

Raw Sewage Dump

Hackers can oftentimes be very disgruntled and take out their frustrations on IT systems. Back in 2001, a young Australian hacker took out his vengeance on the town he lived in by hacking into the town’s computerized waste management system and spilling millions of gallons of raw sewage into the town’s parks and rivers.

Power Grid Sabotage

Back in 2015, another critical compromise occurred, showing us just how much damage cyber attacks can really do. Faulty firmware placed into a power grid in Ukraine caused the blackout of an entire city.

Please Pay Attention!

Cyber attacks are no longer confined to stealing information or ransoming information for money. Sometimes hackers just want to do physical damage to a community, a city, an institution or a business. In order to prevent or avoid the horrendous possibility of a Cyber World War III, it is imperative that we implement server hardening measures that prevent infiltrations and improve cyber security.
